Unit 8 Computer-Based Information Systems Control - PowerPoint PPT Presentation

Slides: 18
Provided by: garyp5
Transcript and Presenter's Notes

1
Unit 8: Computer-Based Information Systems Control
2
Professional Certification
  • CPA
  • CISA
  • Certified Information Systems Auditor
  • Focus
  • ISACA: The Information Systems Audit and
    Control Association Foundation
  • CISSP
  • Certified Information Systems Security
    Professional
  • Focus
  • (ISC)²: International Information Systems
    Security Certifications Consortium, Inc.

3
CPA Professional Competency
  • IT Control Objectives: Includes completeness,
    accuracy, validity, integrity, timeliness, and
    authorization control objectives.
  • Control Activities and Design: Includes effects
    of general controls, preventive controls,
    detective controls, automated controls, and user
    controls.
  • Physical Access Controls and Security: Includes
    user identification, keypad device, and card
    reader controls, access rights, file attributes,
    and passwords.
  • Roles and Responsibilities Within IT Department:
    Includes roles and responsibilities of
    database/network/web administrators, computer
    operators, librarians, systems programmers, and
    applications programmers, and appropriate
    segregation of duties.
  • Disaster Recovery/Business Continuity: Includes
    data backup and data recovery procedures,
    alternate processing facilities (hot sites), and
    threats and risk management.

AICPA Content Specification for the CPA Exam
4
Reliable Systems
  • What constitutes a reliable system?
  • Availability
  • Security
  • Maintainability
  • Change Management Controls
  • Integrity

5
Control Recommendations
  • The time worked field for salaried employees
    should contain a 01 for one week. One employee's
    field contained the number 40, and a check for
    9,872.51 was accidentally prepared and mailed.

6
Control Recommendations
  • A programmer obtained the master payroll file,
    loaded it into the system, and changed his
    monthly salary from 4,400 to 6,000.

7
Control Recommendations
  • A company lost almost all its vital business data
    in a fire that destroyed the room in which it
    stored its magnetic disk and tapes.
  • Disaster Recovery Plans

8
Control Recommendations
  • A programmer quit the firm in the middle of an
    assignment. Because no other programmers could
    make sense of the work already completed, the
    project was started over from scratch.

9
Control Recommendations
  • A bank programmer obtained the disks containing
    the program that calculates interest on customer
    accounts. She loaded the program into the
    computer and modified it so the fractions of a
    cent from each interest calculation, which would
    otherwise be rounded off, were added to her
    account.

10
Control Recommendations
  • During keying of customer payment records, the
    digit 0 in a payment of 102.34 was mistakenly
    typed as the letter o. As a result the
    transaction was not processed correctly, and the
    customer received an incorrect statement.
  • Input Validation Routines / Edit Checks

11
Control Recommendations
  • An employee gained unauthorized access to the
    system by observing her supervisor's user number
    and then correctly guessing the password after 12
    attempts.
  • Logical Access Controls

12
Control Recommendations
  • A salesperson for a PC manufacturer, keying in a
    customer order from a remote laptop computer,
    entered an incorrect stock number. As a result an
    order for 50 monitors was placed for a customer
    who wanted to order 50 PCs.
  • Input Validation Routines / Edit Checks

13
Control Recommendations
  • A salesperson received a laptop computer to enter
    sales orders while calling on customers. She used
    it to increase her own monthly salary by 500.
  • Logical Access Controls

14
Control Recommendations
  • A salesperson keying in a customer order from a
    remote computer inadvertently omitted the
    delivery address from the order.
  • On-Line Data Entry Controls
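
The edit checks named on slides 10, 12 and 14, sketched in Python as an added example that is not part of the original presentation. It shows a field check on the payment amount, a completeness check on the order, and a validity check that echoes the item description back to the operator; the catalog, stock numbers, field names and address are constructed for illustration.

```python
import re
from decimal import Decimal

# Constructed sample data: stock numbers and descriptions are hypothetical.
CATALOG = {"PC-1001": "desktop PC", "MN-2001": "17-inch monitor"}
REQUIRED = ("customer_id", "stock_number", "quantity", "delivery_address")
AMOUNT_RE = re.compile(r"[0-9]{1,7}\.[0-9]{2}")
QUANTITY_RE = re.compile(r"[1-9][0-9]{0,3}")


def check_payment_amount(raw):
    """Field check: only ASCII digits and one decimal point are accepted,
    so a letter 'o' keyed in place of a zero is rejected at entry."""
    text = raw.strip()
    if not AMOUNT_RE.fullmatch(text):
        return None, [f"amount {raw!r} is not numeric with two decimals"]
    return Decimal(text), []


def check_order(order):
    """Completeness and validity checks applied before an order is accepted.

    Returns (errors, confirmation). The confirmation echoes the catalog
    description so the operator can see which item the stock number
    actually selects before committing the order.
    """
    fields = {name: str(order.get(name) or "").strip() for name in REQUIRED}
    errors = [f"missing required field: {n}" for n, v in fields.items() if not v]
    stock, qty = fields["stock_number"], fields["quantity"]
    if stock and stock not in CATALOG:
        errors.append(f"unknown stock number: {stock}")
    if qty and not QUANTITY_RE.fullmatch(qty):
        errors.append(f"quantity {qty!r} is not a whole number from 1 to 9999")
    if errors:
        return errors, None
    return [], f"{qty} x {CATALOG[stock]} ({stock}) to {fields['delivery_address']}"


if __name__ == "__main__":
    print(check_payment_amount("1o2.34"))
    print(check_order({"customer_id": "C-17", "stock_number": "MN-2001",
                       "quantity": "50", "delivery_address": ""}))
    print(check_order({"customer_id": "C-17", "stock_number": "MN-2001",
                       "quantity": "50", "delivery_address": "12 Example Street"}))
```

A stock number that exists in the catalog passes the validity check even when it is the wrong item, which is why the confirmation string repeats the description for the operator to read back.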

15
Control Recommendations
  • A company's research and development center
    utilizes remote PCs tied into its computer center
    100 miles away. Using a wiretap, the company's
    largest competitor stole secret plans for a major
    product innovation.

16
Control Recommendations
  • A server at a bank served terminals at eight
    drive-in windows. When the server failed, the
    bank was forced to shut down the windows for 2
    hours during a busy Friday afternoon.

17
Control Recommendations
  • A 20-minute power failure that shut down a firm's
    computer system resulted in loss of data for
    several transactions that were being entered into
    the system from remote terminals.
  • Minimizing System Downtime