Internal Control in the CIS Environment

.are means of preventing.Controls. detecting and/or correcting conditions that poses a threat to an organization.

. theft and any circumstances that may cause inefficiencies to the operation of the business.is composed of all measures adopted and effected by an entity in order to safeguard its resources from wastage.Internal Control System.

A well designed system of internal control promotes accuracy in data and record keeping. . measures substantial compliance with policies and evaluate operations in terms of its effectiveness and efficiency.

General Controls b. Application Controls .Computer /Internal Controls are classified as either: a.

General CIS Control. .establishes a framework of overall controls over the CIS activities and provides a reasonable level of assurance that the overall objectives of internal control are achieved.

Systems software controls (or hardware and systems software controls) 4. Access controls 5. Data entry and program controls (or data and procedural controls) . Application systems development and maintenance controls (or Systems development and documentation controls) 3.Five Categories of General CIS Control 1. Organization and Management controls (or Organization and Operation Controls) 2.

Data librarian 6. Data security 2. 1. Applications programmer 9. Key functions that must be separated at a minimum. Network technician 4. Systems analyst 8. Organization and Management controls (or Organization and Operation Controls) Objective: ensures that all incompatible duties are being separated in order to maintain an independent processing system.1. Quality assurance 7. Control group . DBA 3. Systems programmer 10. Operator 5.

2. . tested and approved prior to its eventual use. Application systems development and maintenance controls (or Systems development and documentation controls) Objective: ensures that applications are well documented. there must be proper approval and testing first before effecting the implementation of the proposed changes. reviewed. In cases where changes to the system are imminent.

Computer operation controls (or hardware and systems software controls) Objective: ensures that all control features are utilized to the maximum possible extent in accordance to the overall framework of the CIS activities.3. 1. Parity check- .

Computer Installations – are the facilities where the computer hardware and personnel are located. Service bureau computer – the computer is used by an independent agency which rents computer time and provides programming. and control the various applications processed with the equipment. key-punching. 2. . and other services. operate. Categories: 1. In-house or captive computer – the organization owns or leases the equipment and hires the necessary trained personnel to program.

the organization needing computer services may lease or purchase the necessary hardware and installs it on its own premises. by agreement. 4. Time-sharing – a system where in the organization acquires a keyboard device capable of transmitting and receiving data and. Facilities management – under this system. Then by negotiation. .3. an outside contractor with the necessary staff of programmers and operators agrees to manage the facility. the right to use a central computer facility. This facility will furnish service to several users at the same time.

2. For example. Documents are not maintained in readable form. .Impact of Computers on Accounting Systems 1. a clerk enters the transaction directly into the system. instead of preparing a sales order by hand. Processing of transactions is more consistent A computerized data processing system that has been properly tested before being placed into use and that has appropriate safeguards generally runs consistently so long as hardware failures do not occur.

Computerized systems provide for. Reports can be generated easily. . or allow users to generate. 4. necessary reports about the status of transactions or accounts in a minimal amount of time.Impact of Computers on Accounting Systems 3. Duties are consolidated.

Trojan Horse It is an unauthorized program placed within an authorize one. 2. Salami Technique Computer programs are modified to inappropriately round off calculations to the benefit of the fraud perpetrator. It can be used to destroy important data and then destroy itself. . The amount available for rounding are then placed in an account controlled by the perpetrator.Major Types of Computer Fraud 1.

Trapdoors These are unauthorized entry points into programs or database. ..Major Types of Computer Fraud 3. Virus Programs These are programs with unauthorized information or instructions. 4.

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.