Computer Systems and Information Technology Flashcards
List and describe the three broad classes of computer controls?
General Controls - overall operation
Application Controls - Specific programs input, processing and output
User controls - human controls applied by individuals outside of the computer system
Name the categories of general computer controls?
controls over data center and network operations, system software acquisition, change and maintenance
access security
application system acquisition, development and maintenance
How is test data used to check a computer program?
a batch of transactions is entered into a software program with one valid transaction. if programmed properly it should handle the invalid transactions appropriately
What are some of the testing methods in auditing through the computer process?
test data approach
parallel simulation
embedded audit module approach
integrated test facility
What is a controlled program?
an original program copy that is kept unchanged to perform a parallel simulation.
What is an integrated test facility?
allows dummy data to be processed along with live data. if dummy data is processed correctly then it assumed live data is also processed correctly
What is a parallel simulation?
client data is processed in some type of controlled process, then same data processed using client’s software. results should be the same
What is the definition of online real-time processing?
direct access into the processing unit of main computer, changes made at a terminal are immediately processed and the effect of the changes are immediate
What are several controls to ensure computers, programs and data are adequately secured?
locked files
locked computers
passwords
ID numbers
access logs
restricted access to all computer hardware
exception reporting for failed attempts to access the system or data files
What separation of duties is particularly important in the IT department?
programmers be separate from system design and computer operators
access to data and system files should also be separate from program and system development
specific individuals charged with IT management who are responsible for oversight of IT functions
What are several application controls to keep bad or faulty data out of the computer system?
self-checking numbers
control totals
batch totals
item counts
hash totals
limit tests
validity checks
What is a self-checking number?
a number where the final digit or a digit in a consistent position within the number derived by some mathematical formula based on other digits in the number
What is being measured by item counts, hash totals, and batch totals?
item count is number of transactions
hash total is a number derived from a group of computer transactions that is not normally determined
batch total is a total normally derived but also used for control purposes
What is a limit test?
an application control where upper and lower limits are set for certain transactions
What is a validity check?
compares data being processed to an independent database