IT (Computer) Auditing Flashcards
What is a disadvantage to IT?
What is an advantage to IT?
- Separation of duties
- Audit trail may be lacking
Advantage:
- Computer processing is uniform- computers don’t have “good days” and “bad days”
What are the two major categories of computer related controls?
1) General Controls- Have widespread impact on the specific applications
2) Application controls- affect particular data processing tasks (payroll, cash disbursements, etc)
What are the 5 categories of general controls
1) Organization and operation
2) system development & documentation
3) Hardware and software
4) Access
5) Data and procedures
What does organization and operation controls focus on?
Segregation of duties (within company and within within the IT department)
Within the IT department, what are the segregation of duties?
- System analyst (designs the system)
- Programer (develops code)
- Operator (runs the system)
- Librarian (keeps track of programs & data)
- Security (safeguards system including programs & data files)
What are the controls related to systems development & documentation?
- Must adequately document the initial system
- Must document any changes (and all changes must be appropriately authorized)
What are the hardware & software (built in controls)
- Parity check- between hardware components
- Echo check: transmission over phone lines
- Diagnostic routines: affecting hardware
- Boundary protection: separating multiple jobs
- Operating system: built into system software
access to data, software, and hardware should be limited to….l?
Authorized personnel
