General Computer Controls HAI FOKOF SHEM - Coggle Diagram
General Computer Controls
HAI FOKOF SHEM
Key Words
Access Controls to Data and Programs
Programmed controls
Terminal identification numbers (TINS)
3.) Automatic log off
2.) Limited access
5.) Limited workstation log on
6.) Investigation on disconnection
1.) Simultaneous login
4.) Unsuccessful login attempts
Confidentiality of passwords
3.) Alpha/numerical characters
Reuse prohibited
4.) Capital letters and small caps
8.) Cancellation when inactivity
2.) Password length
5.) Special characters
9.) Cancellation on dismissal
1.) Password strength
6.) Regular password changes
10.) Easily guessed
7.) Non-reuse of passwords
11.) On-screen display
User profiles
1.) Risky
2.) Unauthorized documents
User IDs
User IDs implementation
Confidentiality emphasis
Physical controls
Stationer
Unauthorised persons
Open door
Security key pads
Confidential documents
Computer Operating Controls
Organisational and Management Controls
System Software Controls
System maintenance Controls (Change Controls)
7.) Business Continuity Controls
Disaster Recovery
Business disruption
Data loss
Insurance premium
Disaster Recovery Plan
Staff Instructions
Procedures to Follow
Emergency plan
Alternative processing facilities
Back-up Strategies
End of 2 months
Theft protection
Cloud Storage
Off-site storage
Data backup
Physical Security
Temperature control
Humidity control
Protection against elements
Lightning
Thunder
Rain
Fire extinguisher
working condition
operating effectively
Fire protection
Backups
Online backups
Real-time backups
Rotational basis
Separate premises
Regular backups
Hardware backup
Retention of files/records
Fireproof safe
1.) System Development and Implementation Controls
Purchased Package
2.) System Specification & User Needs:
Traditional method
Written systems specification
Data processing department
Defining the way the system must work
Users
User department try out
Prototype systems
Design prototype
Refine the design
3.) System Design and Programming Standards:
Supervision over system design
Predetermined standards
Control-related programmed procedures
Program library
Interaction with existing systems and system software
Live data
System design and programming standards
1.) Project Authorization and Management:
User department
Technical soundness
Feasibility study
Computer department
Compatibility with other systems
Cost/benefit analysis
Senior management
Data processing department
Documentation
Timetables
Operational aspects
Project team
Steering committee
Internal/external auditors
Testing
Budgets
Quality control department
Development plan authorized
Quality requirements
Standard of design
4.) Testing:
System testing
Test data
User testing
Live testing
Parallel running
Pilot running
Program testing
Test data
Desk checking
System Developed in-house.
Specification and selection of package
Questioning
Facilities
Quality of support
Freedom from program errors
Efficiency
Speed
Ease of use
Observing
Discussions
Implementation and testing of package
Implementation
Data processing
Management
User departments
Quality assurance
Testing
Independent testing
Review
Controls during conversion to the new system
Update system documentation
descriptions
flowcharts
Operating manuals
Testing
Third party confirmations
Exception reports
Balancing old files with new files
Comparison with data run on old system (parallel)
Control over conversion of data by data control group
Supervision
Auditor involvement
Backup of new system
Planning and preparation
Cut-off dates
Data files
Standing data
Methods (parallel/pilot)
Training
Conversion
Constant power
Air-con
Timetables
Post-implementation review
Advantages & Disadvantages
Advantages
Lower cost
Predetermined cost
Less implementation time
Tested thoroughly
Reliable
Disadvantages
Inflexible
Written overseas
General
Change maintenance difficult/impossible
Dependent on vendors