Core concepts of accounting information systems 13 by simkin norman chapter 14

48 82 0
  • Loading ...
Loading...
1/48 trang

Thông tin tài liệu

Ngày đăng: 15/05/2017, 12:44

Prepared by Paula Funkhouser University of Nevada, Reno Core Concepts of Accounting Information Systems, 13th Edition Mark G Simkin ● Jacob M Rose ● Carolyn S Norman Computer Controls for Organizations and Accounting Information Systems Chapter 14 Chapter 14: Computer Controls for Organizations and Accounting Information Systems • Introduction • Enterprise Level Controls • General Controls for Information Technology • Application Controls for Transaction Processing Copyright © 2015 John Wiley & Sons, Inc All rights reserved Enterprise Level Controls • Consistent policies and procedures • Management’s risk assessment process • Centralized processing and controls • Controls to monitor results of operations Copyright © 2015 John Wiley & Sons, Inc All rights reserved Enterprise Level Controls • Controls to monitor the internal audit function, the audit committee, and self-assessment programs • Period-end financial reporting process • Board-approved policies that address significant business control and risk management practices Copyright © 2015 John Wiley & Sons, Inc All rights reserved Risk Assessment and Security Policies Copyright © 2015 John Wiley & Sons, Inc All rights reserved Integrated Security for the Organization • Physical Security – Measures used to protect its facilities, resources, or proprietary data stored on physical media • Logical Security – Limit access to system and information to authorized individuals • Integrated Security – – Combines physical and logical elements Supported by comprehensive security policy Copyright © 2015 John Wiley & Sons, Inc All rights reserved Physical and Logical Security Copyright © 2015 John Wiley & Sons, Inc All rights reserved General Controls for Information Technology • Access to Data, Hardware, and Software • Protection of Systems and Data with Personnel Policies • Protection of Systems and Data with Technology and Facilities Copyright © 2015 John Wiley & Sons, Inc All rights reserved General Controls for Information Technology • IT general controls apply to all information systems • Major Objectives – Access to programs and data is limited to authorized users – Data and systems protected from change, theft, and loss – Computer programs are authorized, tested, and approved before usage Copyright © 2015 John Wiley & Sons, Inc All rights reserved Access to Data, Hardware, and Software • Utilization of strong passwords – or more characters in length… or longer – Different types of characters – Letters, numbers, symbols • Biometric identification – Distinctive user physical characteristics – Voice patterns, fingerprints, facial patterns, retina prints, body odor 10 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Input Controls • Purpose – Ensure validity – Ensure accuracy – Ensure completeness • Categories – Observation, recording, and transcription of data – Edit tests – Additional input controls 34 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Observation, Recording, and Transcription of Data • Confirmation mechanism • Dual observation • Point-of-sale devices (POS) • Preprinted recording forms 35 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Preprinted Recording Form 36 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Edit Tests • Input Validation Routines (Edit Programs) – Programs or subroutines – Check validity and accuracy of input data • Edit Tests – Examine selected fields of input data – Rejects data not meeting preestablished standards of quality 37 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Edit Tests 38 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Edit Tests 39 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Additional Input Controls • Validity Test – Transactions matched with master data files – Transactions lacking a match are rejected • Check-Digit Control Procedure 40 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Processing Controls • Purpose – Focus on manipulation of accounting data – Contribute to a good audit trail • Two Types – Control totals – Data manipulation controls 41 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Audit Trail 42 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Control Totals • Common Processing Control Procedures – Batch control total – Financial control total – Nonfinancial control total – Record count – Hash total 43 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Data Manipulation Controls • Data Processing – Following validation of input data – Data manipulated to produce decision-useful information • Processing Control Procedures – Software Documentation – Error-Testing Compiler – Utilization of Test Data 44 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Output Controls • Purpose – Ensure validity – Ensure accuracy – Ensure completeness • Major Types – Validating Processing Results – Regulating Distribution and Use of Printed Output 45 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Output Controls • Validating Processing Results – Preparation of activity listings – Provide detailed listings of changes to master files • Regulating Distribution and Use of Printed Output – Forms control – Pre-numbered forms – Authorized distribution list 46 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Study Break #4 A is a security appliance that runs behind a firewall and allows remote users to access entity resources by using wireless, handheld devices A Data encryption B WAN C Checkpoint D VPN 47 Copyright © 2015 John Wiley & Sons, Inc All rights reserved Study Break #5 Organizations use controls to prevent, detect, and correct errors and irregularities in transactions that are processed A Specific B General C Application D Input 48 Copyright © 2015 John Wiley & Sons, Inc All rights reserved .. .Chapter 14: Computer Controls for Organizations and Accounting Information Systems • Introduction • Enterprise Level Controls • General Controls for Information Technology... reserved General Controls for Information Technology • Access to Data, Hardware, and Software • Protection of Systems and Data with Personnel Policies • Protection of Systems and Data with Technology... Policies to Protect Systems and Data • Separation of Duties – Separate Accounting and Information Processing from Other Subsystems – Separate Responsibilities within IT Environment • Use of Computer
- Xem thêm -

Xem thêm: Core concepts of accounting information systems 13 by simkin norman chapter 14, Core concepts of accounting information systems 13 by simkin norman chapter 14, Core concepts of accounting information systems 13 by simkin norman chapter 14

Gợi ý tài liệu liên quan cho bạn

Nhận lời giải ngay chưa đến 10 phút Đăng bài tập ngay
Nạp tiền Tải lên
Đăng ký
Đăng nhập