ACCA/CAT

导航

ACCA高级业绩管理讲义:ApplicationITControls

来源 :中华考试网 2017-04-06

  1. Application IT Controls

  Application controls are specific to each such application. For example, controls over trade receivables will be very different from those over inventory of the payroll. The objectives of application controls, which may be manual or programmed, are to ensure that all transactions are valid, authorised, recorded and complete. There are four categories:

  Input controls

  Processing controls

  Output controls

  Master (standing data) file controls.

  2. Input Controls

  In evaluating input controls, it is necessary to consider how effective they are likely to be in minimising the following risks:

  Entry of unauthorised data (e.g. "dummy" employees on the payroll or fictitious invoices).

  Data entry that is not relevant to the application.

  Incomplete data entry (e.g. not all cash sales are recorded, which enables dishonest staff to misappropriate cash).he cycle.

  Input controls include:

  Controls over access to the application typically using passwords.

  Batch controls

  Input authorisation

  Error reporting and batch handling

  3. Processing Controls

  Processing controls focus on the accurate processing of the data— what takes place "in the box". The processing controls should ensure that the following are avoided:

  Inaccurate processing of transactions that may lead to wrong outputs or results (e.g. incorrect inventory balances or incorrect calculation of payroll taxes).

  Incomplete processing of transactions.

  Unauthorised changes to data.

  Lack of audit trail.

  Processing controls include data validation as well as controls over data processing:

  Check digits

  Range or reasonableness checks

  Existence check

  Mismatch reports

  Sequence check

  Format checks

  4. Output Controls

  These controls are incorporated to ensure that computer output is complete, accurate and correctly distributed. It may be noted that weakness in processing may sometimes be compensated by strong controls over output. However, strong controls over input and processing can be completely undermined if output is uncontrolled. Reconciliations at the end of the output stage can provide very considerable assurance over the completeness and accuracy of input and processing.

  5. Standing Data File Controls

  Strong controls need to be put in place to ensure any changes to such data are valid.*

  Controls will include:

  Restricted access to the standing data.

  Segregation of duties between those that process transactions and those that maintain standing data.

  Documented authorisation of changes to standing data.

  Periodic examination of the standing data and agreement to supporting records.

分享到

相关推荐