Topic 9: Internal Controls II Flashcards
Accuracy
The aim of making sure that all data that enters the system are correct and reflect the actual events that are being recorded.
Application Controls
Manual or automated procedures that typically operate at a business process level and apply to the processing of transactions by individual applications.
Authorisation
Ensuring users have correctly defined access to information within a system and that transactions are executed and recorded by people with the appropriate authority.
Batch Processing
Data from transactions are accumulated in a group or batch and processed together.
Batch Total
A total that is added to a batch of documents and is used to make sure that all documents in the batch have been correctly processed. A batch total is usually a summation of data items with some meaning (e.g. a total of the individual invoice amounts for a batch of invoices). See also hash total.
Cold Site
An available office with basic telephone and electricity supplies ready for use should they be required.
Completeness
The aim of ensuring that all events that occur are recorded within the system.
Corrective Controls
Controls designed to correct an error or irregularity after it has occurred.
Detective Controls
Designed to alert those involved in the system when an error or anomaly occurs.
Disaster Recovery Plan
The strategy that the organisation will put into action in the event of a disaster that disrupts normal operations in order to resume operations as soon as possible and recover data that relate to its processes.
General Controls
Policies and procedures that relate to many applications and support the effective functioning of application controls.
Hash Total
A total that is similar to a batch total but the number that is added has no meaning by itself (e.g. a hash total of customer numbers). See also batch total.
Hot Site
A separate facility located away from the organisation’s usual premises that contains offices and the necessary resources (such as IT, telecommunications and data) to get the business back up and running in a minimal amount of time after a disaster occurs.
Independent Review
A control tool where the work of one person is reviewed by another, thus creating accountability.
Information Processing Controls
Controls put in place within the organisation to work towards the accuracy, completeness and authorisation of transactions.
Input Accuracy
The aim of ensuring all data entered into the system are correct.
Input Completeness
The aim of ensuring all transaction events and all required data relating to those events are captured within the system.
Input Controls
Controls with the aim of detecting errors or irregularities at the time data are first entered into the system.
Input Validity
The aim of ensuring that data entered into the system are in the correct format and valid.
Online Data Gathering and Batch Processing
Data from transactions are stored immediately but related data files are updated in a batch.
Online Real-time Data Processing
Data from transactions are captured immediately and the associated data file is updated immediately.
Output Controls
Controls designed to protect the outputs of the system.
Performance Reviews
Activities that involve some form of review or analysis of performance.
Physical Controls
Controls that are put in place to physically protect the resources of the organisation.
Preventive Controls
Controls designed to stop errors or irregularities occurring.
Processing Controls
Controls that operate with the aim of detecting any errors or irregularities during the processing of data.
Segregation of Duties
The concept that certain key functions are incompatible and should not be performed by the same person.
Timeliness
The aim of ensuring that information and data are available for users when required.
