Professional Documents
Culture Documents
Cis 15
Cis 15
Authorisation**
Here's an explanation of each option and why option A is the correct choice:
A. **Authorisation**: This control category involves ensuring that transactions or actions are
approved by designated individuals with the appropriate authority. In this case, transactions
from the trust account must be initiated by the administration lead and approved by the
managing partner, demonstrating a clear authorization process for financial transactions.
C. **Physical control**: Physical control typically refers to measures taken to safeguard physical
assets or resources, such as locking mechanisms, security systems, or access controls.
In the context of Shan O’Donnell's legal practice, the requirement for specific authorization
(initiation by administration lead, approval by managing partner) before transactions can be
processed from the trust account aligns with the concept of authorization controls. This control
mechanism ensures that only authorized personnel can initiate and approve financial
transactions involving client funds, enhancing accountability, and mitigating the risk of
unauthorized or inappropriate transactions.
**A. Authorisation**
Here's an explanation of each option and why option A is the correct choice:
C. **Processing of source documents and maintenance of the general ledger**: Separating the
processing of source documents (e.g., recording transactions) from the maintenance of the
general ledger (e.g., posting entries, preparing financial reports) ensures that transactions are
accurately recorded and independently verified.
D. **Customer invoicing and budget preparation**: While these functions involve different
aspects of financial management, they do not directly address the core principle of segregation
of duties related to financial controls.
In the context of Terry’s Flooring, separating the authorization of cash payments (e.g., approving
payments to vendors or suppliers) from access to bank accounts (e.g., initiating wire transfers,
reconciling accounts) is essential for maintaining effective segregation of duties. This separation
helps reduce the risk of fraud, errors, or unauthorized transactions by ensuring that different
individuals oversee different aspects of financial transactions and controls.
24. To determine which control is an application information processing control within Leroy
Motors' information system, let's evaluate each option:
A. **All modules within the ERP system are fitted with virus protection software**: This control
refers to a security control aimed at protecting the ERP system and its modules from viruses
and malware. While important for system security, this is not specifically an application control
related to information processing within the system.
B. **Every Leroy Motors employee has a unique profile and password**: This control is related
to user authentication and access control, ensuring that each employee has a unique login
profile and password. This is more of an access control measure rather than an application
control directly focused on information processing.
C. **A prescribed date and time format for all entries to the customer management module**:
This control defines a specific data format requirement for entries into the customer
management module. This is an example of an application control, as it regulates how data is
inputted and processed within a specific module of the information system.
D. **All entries of data are backed up automatically by the system**: This control pertains to
data backup procedures, ensuring that data entered into the system is automatically backed up
to prevent data loss. While important for data integrity and recovery, this is more of a data
management and backup control rather than an application control focused on data processing.
Therefore, among the options provided, the control that best represents an application
information processing control within Leroy Motors' information system is: