Professional Documents
Culture Documents
Information System
Anchal Mishra
Concept of Controls in
Information System
Controls in information system also known as
controls in electronic data processing (EDP)
controls in EDP environment, consist of all
policies, procedures, methods that ensure
accuracy, reliability, operational adherence
to standards in information systems,
whether manual or computer based, in
computer-based Information systems, the
need for controls is more prominent.
The computer-based information systems are
more vulnerable as compared to manual
information systems because of the following
reasons:
• Complex computer-based information
systems cannot be replicated manually. Most
information cannot be printed or is too
voluminous to be handled manually.
• There is usually no visible trace of changes
in computer-based information systems
because computer records can be read only
by the computer.
• Computerised procedures are invisible and are
not easily understood and audited.
• The development and operation of computer-
based information systems require specialized
technical expertise which cannot be easily
communicated to end users. Thus, systems are
highly open to abuse by technical staff members
who are not well integrated with the organization.
• In case of disasters, computer-based information
systems have to sustain more losses as
compared to manual systems. In many cases, all
the records of the systems can be destroyed or
lost for ever.
• Most of the computer-based information
systems are accessible by many individuals.
Therefore, information gathering is easier but
controlling information is very difficult.
• Most of the large organizations rely on on-line
information systems, while on-line systems
add to operational efficiency. They are quite
vulnerable as data files can be accessed
immediately and directly through computer
terminals. Thus, the systems are open to
abuse by authorized as well as unauthorized
users.
Objectives of Information System
Controls