Please enable JavaScript.
Coggle requires JavaScript to display documents.
General computer controls - Coggle Diagram
General computer controls
System Development and Implementation Controls
The objective of this control is to ensure self-developed/purchased system is properly developed, authorised and meet user’s needs
System maintenance controls The objective of this control is to ensure changes to system is authorised, meet user’s needs and made effectively.
Access controls to data and programs The objective of this control is to prevent unauthorised changes to programs, data, terminals & files
System software The objective of this control is to ensure installation, development, maintenance of software packages are authorised and effective
Organisational and management controls The objective of this control: Organisational framework such as segregation of duties (SOD), supervision and review and virus protection
Business Continuity Controls The objective of this control is to prevent/limit system interruption (Downtime)
Computer Operating Controls The objective of this control is to ensure the procedures are applied correctly & consistently during processing to limit the loss from bad debts and to encourage debtors to pay promptly.
Edit Checks
Formatting check Ensures the fields have been completed in the correct format.
Screen check (only check that is a manual check) Checking the info on the screen by the user to ensure accuracy on screen
Validity or existence check Ensures that the codes or files on the database does exist.
For example: stock codes checked to inventory master file
Limit or reasonableness check Ensures that the information captured in the fields falls below a pre-set boundary or limit
Field presence checks Ensures all the mandatory fields have been completed before moving to next step
Dependency check Ensures that there is interdependency of input with other fields.
Field size check Ensure that the number of characters enter into the required fields are correct.
Screen prompts Ensures a message will “pop up” and ask the user whether he wants to submit the on-line form.
Logic check Ensures that the totals has been added up correctly.
Specific character check Ensure that should the field require a specific character that it will be entered.
For example: spaces in the right place or a #
Sign check Ensures that the field has the corrective sign
Either positive/negative amount
Arithmetic check
Ensures that the journal does balance
Input controls Data input is the conversion from its original source into computer data, or entry into a computer application. Data can be entered into a computer application from either manual online input or by batch processing (automated).
Processing controls Data processing controls are used to ensure the accuracy, completeness, and timeliness of data during either batch or real-time processing by the computer application. Someone reviewing these controls should determine the adequacy of controls over application programs and related computer operations to ensure that data is accurately processed through the application and that no data is added, lost, or altered during processing
Output controls Data output is the distribution of any output produced. Output can be in hardcopy form, in the form of files used as input to other systems, or information available for online viewing.
Master file controls Files which are used to store only standing information (e.g. name, address and credit limits of debtors) and latest balances (e.g. outstanding balances of debtors). Changes to standing data on masterfile are referred to as materfile amendments.
Auditing in IT involves two approaches: auditing around the computer for smaller setups, and understanding complex systems with computer-assisted techniques.
Auditors use various software for auditing, including Data CAATs for substantive testing, generalized/customized audit software for data extraction, and system utilities/report writers for analysis. These tools aid in re-performing calculations, investigations, and analyses