Documente Academic
Documente Profesional
Documente Cultură
Consideration of
Internal Control in
a Information
Technology
Environment
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-1
Moderate system
Basic general ledger system (e.g.., QuickBooks)
Expensive
ERP systems (e.g., SAP)
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-2
Nature of IT Systems
equipment
Software
Various programs and routines
for operating the system
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-3
Computer Hardware
Input/Output Devices
Auxiliary Storage
Card Readers
Arithmetic Unit
Magnetic Disks
Terminals
Magnetic Drums
Magnetic
Control Unit
Electronic Cash
Tapes
Registers
Compact Disks Optical Scanners
Magnetic Tape Drives
Magnetic Disk Drives
Optical Compact Disks
Optical
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-4
Software
Two Types:
Systems software
Programs that control and coordinate hardware
Application software
Programs designed to perform a specific data
processing task
Written in programming language (Example:
Java)
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-5
System Characteristics
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-6
Batch Processing
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-7
Online Capabilities
locations
Online real time (Example: Bank balance at
ATM)
8-8
Database Storage
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-9
IT Networks
Networks
Computers linked together through
telecommunication links that enable
computers to communicate information back
and forth
WAN, LAN
Internet, intranet, extranet
Electronic commerce
Involves electronic processing and
transmission of data between customer and
client
Electronic Data Interchange (EDI)
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-10
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-11
Internal Control in IT
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-12
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-13
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-14
Responsibilities
(1 of 2)
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-15
Responsibilities
(2 of 2)
IT Operations
Run and monitor central computers
Program and file library
Protect computer programs, master files and other
records from loss, damage and unauthorized use
Data Control
Reviews and tests all input procedures, monitors
processes and reviews IT logs
Telecommunications Specialists
Responsible for maintaining and enhancing IT networks
Systems Programming
Responsible for troubleshooting the operating system
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-16
Computer-Based Fraud
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-17
Internal Auditing in IT
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-18
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-19
IT Control Activities
General Control Activities
IT operations controls
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-20
Batch controls
Item count
Control total
Hash total
Processing controls
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-21
Example: Sales invoices generated by ITbased system tested for clerical accuracy and
pricing by the accounting clerk
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-22
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-23
Narrative
Systems flowchart
Program flowchart
Internal control questionnaires
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-24
Identify risks
Relate the identified risks to what can go
wrong at the relevant assertion level
Consider whether the risks are of a
magnitude that could result in a material
misstatement
Consider the likelihood that the risks
could result in a material misstatement
Evaluate effectiveness of related controls in
mitigating risks
Test of controls over IT-based systems
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-25
Test Data
Integrated Test Facility
Controlled Programs
Program Analysis Techniques
Tagging and Tracing Transactions
Generalized audit software parallel simulation
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-26
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-27
Copyright 2016 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
8-28