IT Governance and Management - IT Functions and Controls Related to People Flashcards Preview

CPA - BEC > IT Governance and Management - IT Functions and Controls Related to People > Flashcards

Flashcards in IT Governance and Management - IT Functions and Controls Related to People Deck (6):
1

Organizational structure of IT

IT CONTROLS USUALLY General, Preventive

3 main functional areas

1) Applications Development
2) Systems administration and programming
3) Computer operations

2

Segregation of functions

Development, Admin & Programming, Operations must be segregated

3

Applications development

Responsible for creating new end-user computer applications and for maintaining existing applications

1) systems analysts - Responsible for analyzing and designing computer systems; also work with end users to define problem and identify solution
2) application programmers - work under systems analyst to write actual programs that process data and produce reports

4

System admin and programming

Maintains computer hardware and computing infrastructure and grants access to system resources

1) system administrators - responsible for management activities associated with system they control. Due to influence they wield, must not be permitted to participate directly in these systems' operations

2) system programmers - Maintain various operating systems and related hardware. Updating system for new software releases/installing new hardware. Because they are in dire contact with the production programs and data they are not permitted to have access to information about application programs or data files

5

Computer operations

Responsible for day-to-day operations of system.

1) data control - controls flow of all documents into and out of operations; for batch processing scheduling batches, monitors processing, and ensures that batch totals are reconciled. "QUALITY ASSURANCE"

2) data entry clerk - enters handwritten or printed records to covert them into electronic media; data entry clerk should not be responsible for reconciling batch totals, should not run programs, access system output, or have any involvement in application development and programming

3)computer operators - Responsible for operating the computer: loading program and data files, running the programs, and producing output

4)file libration - files and data not online stored in "file library" maintains controls over files, checking them in and out as only necessary

6

More on Segregation

1.
Computer operators and data entry personnel -- Should never be allowed to act as programmers.
2.
Systems programmers -- Should never have access to application program documentation.
3.
Data administrators -- Should never have access to computer operations ("live" data).
4.
Application programmers and systems analysts -- Should not have access to computer operations ("live" data).
5.
Application programmers and systems analysts -- Should not control access to data, programs, or computer resources.

Decks in CPA - BEC Class (62):