BEC 6 M5: Processing Integrity Flashcards
Three components of a system
- input
- output
- process
Typical input controls
- data validation at the field level (edit checks, meaningful error messages, etc.)
- prenumbering forms to prevent incompleteness or duplicates
- well-defined source data preparation procedures use to collect and prepare source documents
processing controls
- data matching
- file labels
- recalculation of batch/hash totals
- cross-footing and zero-balance tests
- Write-protection mechanisms
- database processing integrity procedures
Output controls
- user review of output
- reconciliation procedures
- external data reconciliation
- output encryption
Database processing Integrity Procedures
- admin establishes/enforces procedures for accessing/updating database
- data dictionary ensures data items are defined and used consistently
- concurrent update controls to prevent multiple users attempting to update the same record concurrently
What does continuous processing integrity mean?
have data integrity that is consistent and accurate throughout processing cycle
diagnostic controls
designed to achieve efficiency in operations of the form to get the most from resources used. compares actual performance with planned performance
application programer
responsible for writing and/or maintaining application programs
systems programmer
responsible for installing, supporting (troubleshooting), monitoring, and maintaining the operating system
computer operators
responsible for scheduling and running processing jobs (usually automated)
File Librarian
store and protect programs from damage and unauthorized use
Data Librarian
has cusotdy of and maintains the entity’s data and ensures that production data is released only to authorized individuals (usually automated)
Security administrator
assigns initial passwords and maintenance of passwords
end user
anybody who enters data into a system or who use the info processed by the system
Issue with system analyst and computer programmer being the same person
the person could easily bypass security systems because they are incharge of both hardware and software
Issues with computer operators and computer programmers being the same person
person could make unauthorized and undetected program changes
problem being the security admin and computer operator/programer
this person could give himself or another access to areas they are not authorized to enter
primary objective of data security controls
ensure that storage media are subject to authorization prior to access, change or destruction
batch totals
totals of dollar fields in transactions
hash totals
totals of fields in transactions other than dollars
grandfather-father-son file rotation prcedure
can be used to either recover from processing problems or retain files off-site for disaster recovery
four major functions of transaction processing
- data storage
- data input
- data processing
- info output
