Please enable JavaScript.
Coggle requires JavaScript to display documents.
Processing Integrity and Availability Controls - Coggle Diagram
Processing Integrity and
Availability Controls
Processing Integrity Controls
Input
Forms design
Sequentially prenumbered
Control to identify potential missing transaction
Cut down on errors by making data entry easier
Turnaround documents
Eliminate errors in data entry
Processing Integrity: Data Entry Controls
Field check
Characters in a field are proper type
Sign check
Data in a field is appropriate sign (positive/negative)
Limit check
Tests numerical amount against a fixed value
Range check
Tests numerical amount against lower and upper limits
Size check
Input data fits into the field
Completeness check
Verifies that all required data is entered
Validity check
Compares data from transaction file to that of master file to verify existence
Reasonableness test
Correctness of logical relationship between two data items
Check digit verification
Recalculating check digit to verify data entry error has not been made
Additional Data Entry Controls
Batch processing
Sequence check
Test of batch data in proper numerical or alphabetical sequence
Error logs
Batch totals
Summarize numeric values for a batch of input records
Financial total
Hash total
Record count
Online
Employee Access controls
Automatic data entry
Prompting
System prompts you for input (online completeness check)
Closed-loop verification
Checks accuracy of input data by using it to retrieve and display other related information (e.g., customer account # retrieves the customer name)
Transaction logs
Error Messages
Processing Controls
Data matching
Two or more items must be matched before an action takes place
File labels
Ensures correct and most updated file is used
Recalculation of batch totals
Cross-footing
Verifies accuracy by comparing two alternative ways of calculating the same total
Zero-balance tests
For control accounts (e.g., payroll clearing)
Write-protection mechanisms
Protect against overwriting or erasing data
Concurrent update controls
Prevent error of two or more users updating the same record at the same time
Output Controls
User review of output
Reconciliation
Procedures to reconcile to control reports (e.g., general ledger A/R account reconciled to Accounts Receivable Subsidiary Ledger)
External data reconciliation
Data transmission controls
Check sums
-Hash of file transmitted, comparison made of hash before and after transmission
Parity checking
-Bit added to each character transmitted, the characters can then be verified for accuracy
Message Acknowledgment Techniques for data transmission (let the sender of an electronic message know that a message was received)
Echo Check
-When data are transmitted, the system calculates a summary statistic , receiving unit performs the same calculation and sends back to source. If they agree, accuracy is assumed
Trailer Record
-sending unit stores control totals in a trailer record
-receiving unit uses that information to verify that the entire message was received
Processing Integrity Controls(Spreadsheets)
Spreadsheets usually developed by end user
Lack of application controls
Solutions
Multiple people evaluate all cells for possible error
Cell formulas.
-Do not hardwire
-Use cell references
input/output section
Availability Controls
Preventive maintenance
Fault tolerance
Use of redundant components
Data center location and design
Raised floor
Fire suppression
Air conditioning
Uninterruptible power supply (UPS) or back-up generator
Surge protection
Patch management and antivirus software
Backup procedures
Full(probably weekly)
Incremental
Copies only items that have changed since last partial backup
Differential backup
Copies all changes made since last full backup
Disaster recovery plan (DRP)
Procedures to restore organization’s IT function
Cold site
Hot site
Business continuity plan (BCP)
How to resume all operations, not just IT
Virtualization & Cloud Computing
Can reduce time to recover from hardware problems
Install files to new box
Support real time mirroring
Cloud Computing
Use redundant banks of servers in multiple locations
Reduces risk of system downtime and data loss
Potential problem
Data retrieval if public cloud provider goes belly-up
Policy of making regular back-ups and storing somewhere other than cloud necessary
Assess long-run financial viability of cloud provider before taking the plunge