Chapter 8: General Controls and Application Controls
|
|
- Kristopher Francis
- 5 years ago
- Views:
Transcription
1 Accounting Information Systems: Essential Concepts and Applications Fourth Edition by Wilkinson, Cerullo, Raval, and Wong-On-Wing Chapter 8: General Controls and Application Controls Slides Authored by Somnath Bhattacharya, Ph.D. Florida Atlantic University
2 Introduction to Controls Controls may relate to manual AISs, to computer-based AISs, or both Controls may be grouped into General controls, Application controls, and Security measures Controls may also be grouped in terms of risk aversion: Corrective, Preventive, and Detective Controls These categories are intertwined and an appropriate balance is needed for an effective internal control structure
3 Control Classifications By Setting By Risk Aversion General Corrective Application } Input Processing Output Preventive Detective Figure 8-1
4 General Controls General Controls pertain to all activities involving a firm s AIS and resources (assets). They can be grouped as follows: Organizational or Personnel Controls Documentation Controls Asset Accountability Controls Management Practice Controls Information Center Operations Controls Authorization Controls Access Controls
5 Organizational or Personnel Controls - I Organizational independence, which separates incompatible functions, is a central control objective when designing a system Diligence of independent reviewers, including BOD, managers, and auditors (both internal and external) In a manual system, authorization, recordkeeping, and custodial functions must be kept separate. e.g., purchases, sales, cash handling, etc
6 Organizational or Personnel Controls - II In computer-based AISs the major segregation is between the systems development tasks, which create systems, and the data processing tasks, which operate systems Within data processing, one may find segregation between separate control (receiving & logging), data preparation (converting to machine readable form), computer operations, and data library - batch processing Other personnel controls include the two-week vacation rule
7 Flow of Batched Data in Computer-Based Processing Data Library User Departments Data Inputs Control Section Receive and Log Data Preparation Section Convert to machine readable media Computer Operations Process Section Files Files Outputs Errors to be corrected Log and Distribute Outputs To users (exception and summary report) Figure 8-4
8 Segregation of Functions in a Direct/Immediate Processing System User Departments Computer Operations Online Files (or data library for removable disks and backups Data Inputs Batch Files Displayed Outputs Process Printed or Plotted Outputs Online Files Figure 8-6
9 Documentation Controls Documentation consists of procedures manuals and other means of describing the AIS and its operations, such as program flowcharts and organizational charts In large firms, a data librarian is responsible for the control, storage, retention and distribution of documentation Storing a copy of documentation in a fireproof vault, and having proper checkout procedures are other examples of documentation controls. Use of CASEs
10 System Standards Documentation Systems development policy statements Program testing policy statements Computer operations policy statements Security and disaster policy statements
11 System Application Documentation Computer system flowcharts DFDs Narratives Input/output descriptions, including filled-in source documents Formats of journals, ledgers, reports, and other outputs Details concerning audit trails Charts of accounts File descriptions, including record layouts and data dictionaries Error messages and formats Error correction procedures Control procedures
12 Program Documentation Program flowcharts, decision tables, data structure diagrams Source program listings Inputs, formats, and sample filled-in forms Printouts of reports, listings, and other outputs Operating instructions Test data and testing procedures Program change procedures Error listings
13 Data Documentation Descriptions of data elements Relationships of specific data elements to other data elements
14 Operating Documentation Performance instructions for executing computer programs Required input/output files for specific programs Setup procedures for certain programs List of programmed halts, including related messages, and required operator actions for specific programs Recovery and restart procedures for specific programs Estimated run times of specific programs Distribution of reports generated by specific programs
15 User Documentation Procedures for entering data on source documents Checks of input data for accuracy and completeness Formats and uses of reports Possible error messages and correction procedures
16 Examples of Asset Accountability Controls Subsidiary ledgers provide a cross-check on the accuracy of a control account Reconciliations compare values that have been computed independently Acknowledgment procedures transfer accountability of goods to a certain person Logs and Registers help account for the status and use of assets Reviews & Reassessments are used to reevaluate measured asset values
17 Management Practice Controls Since management is responsible and thus over the internal control structure, they pose risks to a firm General controls include: Human resource Policies and Practices Commitment to Competence Planning Practices Audit Practices Management & Operational Controls In a computerized AIS, management should instigate a policy for: Controls over Changes to Systems New System Development Procedures
18 Examples of Computer Facility/Information Center Controls Proper Supervision over computer operators Preventive Diagnostic Programs to monitor hardware and software functions A Disaster Recovery Plan in the event of a man-made or natural catastrophe Hardware controls such as Duplicate Circuitry, Fault Tolerance and Scheduled Preventive Maintenance Software checks such as a Label Check and a Read-Write Check
19 Application Controls Application controls pertain directly to the transaction processing systems The objectives of application controls are to ensure that all transactions are legitimately authorized and accurately recorded, classified, processed, and reported Application controls are subdivided into input, processing and output controls
20 Authorization Controls - I Authorizations enforce management s policies with respect to transactions flowing into the general ledger system They have the objectives of assuring that: Transactions are valid and proper Outputs are not incorrect due to invalid inputs Assets are better protected Authorizations may be classified as general or specific
21 Authorization Controls - II A General authorization establishes the standard conditions for transaction approval and execution A Specific authorization establishes specific criteria for particular sums, events, occurrences, etc In manual and computerized batch processing systems, authorization is manifest through signatures, initials, stamps, and transaction documents In on-line computerized systems, authorization is usually verified by the system. e.g., validation of inventory pricing by code numbers in a general ledger package
22 Input Controls Input Controls attempt to ensure the validity, accuracy, and completeness of the data entered into an AIS. Input controls may be subdivided into: Data Observation and Recording Data Transcription (Batching and Converting) Edit tests of Transaction Data Transmission of Transaction Data
23 Controls for Data Observation and Recording The use of pre-numbered documents Keeping blank forms under lock and key Online computer systems offer the following features: Menu screens Preformatted screens Using scanners that read bar codes or other preprinted documents to reduce input errors Using feedback mechanisms such as a confirmation slip to approve a transaction Using echo routines
24 Data Transcription - I Data Transcription refers to the preparation of data for computerized processing and includes: Carefully structured source documents and input screens Batch control totals that help prevent the loss of transactions and the erroneous posting of transaction data The use of Batch control logs in the batch control section Amount control total totals the values in an amount or quantity field Hash total totals the values in an identification field Record count totals the number of source documents (transactions) in a batch
25 Data Transcription - II (Conversion of Transaction Data) Key Verification which consists of rekeying data and comparing the results of the two-keying operations Visual Verification which consists of comparing data from original source documents against converted data.
26 Examples of Batch Control Totals Financial Control Total - totals up dollar amounts (e.g., total of sales invoices) Non-financial Control Total - computes non-dollar sums (e.g., number of hours worked by employees) Record Count - totals the number of source documents once when batching transactions and then again when performing the data processing Hash Total - a sum that is meaningless except for internal control purposes (e.g., sum of customer account numbers)
27 Definition and Purpose of Edit Tests Edit Tests (programmed checks) are most often validation routines built into application software The purpose of edit tests is to examine selected fields of input data and to reject those transactions whose data fields do not meet the pre-established standards of data quality
28 Examples of Edit Tests (Programmed Checks) Validity Check (e.g., M = male, F = female) Limit Check (e.g., hours worked do not exceed 40 hours) Reasonableness Check (e.g., increase in salary is reasonable compared to base salary) Field Check (e.g., numbers do not appear in fields reserved for words) Sequence Check (e.g., successive input data are in some prescribed order) Range Check (e.g., particular fields fall within specified ranges - pay rates for hourly employees in a firm should fall between $8 and $20) Relationship Check (logically related data elements are compatible - employee rated as hourly gets paid at a rate within the range of $8 and $20)
29 Transmission of Transaction Data When data must be transmitted from the point of origin to the processing center and data communications facilities are used, the following checks should also be considered: Echo Check - transmitting data back to the originating terminal for comparison with the transmitted data Redundancy Data Check - transmitting additional data to aid in the verification process Completeness Check - verifying that all required data have been entered and transmitted.
30 Objectives of Processing Controls Processing Controls help assure that data are processed accurately and completely, that no unauthorized transactions are included, that the proper files and programs are included, and that all transactions can be easily traced Categories of processing controls include Manual Cross-checks, Processing Logic Checks, Run-to-Run Controls, File and Program Checks, and Audit Trail Linkages
31 Examples of Processing Controls Manual Cross-Checks - include checking the work of another employee, reconciliations and acknowledgments Processing Logic Checks - many of the programmed edit checks, such as sequence checks and reasonableness checks (e.g., payroll records) used in the input stage, may also be employed during processing
32 Examples of Processing Controls Run-to-Run Totals - batched data should be controlled during processing runs so that no records are omitted or incorrectly inserted into a transaction file File and Program Changes - to ensure that transactions are posted to the proper account, master files should be checked for correctness, and programs should be validated Audit Trail Linkages - a clear audit trail is needed to enable individual transactions to be traced, to provide support in general ledger balances, to prepare financial reports and to correct transaction errors or lost data
33 Output Controls Outputs should be complete and reliable and should be distributed to the proper recipients Two major types of output controls are: validating processing results regulating the distribution and use of printed output
34 Validating/Reviewing Processing Results Activity (or proof account) listings document processing activity and reflect changes made to master files Because of the high volume of transactions, large companies may elect to review exception reports that highlight material changes in master files
35 Regulating/Controlling Distribution of Printed Output Reports should only be distributed to appropriate users by reference to an authorized distribution list Sensitive reports should be shredded after use instead of discarding
36 Application Controls Arranged by Two Classification Plans Control Purpose Preventive Detective Corrective Control Stage Input Properly authorized transactions Well-designed and controlled source documents Batch control totals Adequate input edit tests (programmed checks) Sound error correction procedures Complete audit trail Processing Output Sound conversion control techniques Sound file maintenance procedures Adequate preventivetype programmed checks Distribution log of authorized users Run-to-run verifications Adequate detective-type programmed checks Reconciliation of computed totals with predetermined control totals Reviews of outputs and tests to source documents by users Complete audit trail Reviews of logs and procedures by internal auditors Review of errorcorrection statistics
37 Accounting Information Systems: Essential Concepts and Applications Fourth Edition by Wilkinson, Cerullo, Raval, and Wong-On-Wing Copyright 2000 John Wiley & Sons, Inc. All rights reserved. Reproduction or translation of this work beyond that permitted in Section 117 of the 1976 United States Copyright Act without the express written permission of the copyright owner is unlawful. Request for further information should be addressed to the Permissions Department, John Wiley & Sons, Inc. The purchaser may make back-up copies for his/her own use only and not for distribution or resale. The publisher assumes no responsibility for errors, omissions, or damages, caused by the use of these programs or from the use of the information contained herein.
Chapter 4: Data Management
Accounting Information Systems: Essential Concepts and Applications Fourth Edition by Wilkinson, Cerullo, Raval, and Wong-On-Wing Chapter 4: Data Management Slides Authored by Somnath Bhattacharya, Ph.D.
More informationChapter 3: AIS Enhancements Through Information Technology and Networks
Accounting Information Systems: Essential Concepts and Applications Fourth Edition by Wilkinson, Cerullo, Raval, and Wong-On-Wing Chapter 3: AIS Enhancements Through Information Technology and Networks
More informationConsideration of Internal Control in an Information Technology Environment
CHAPTER 8 Consideration of Internal Control in an Information Technology Environment Review Questions 8 1 System software monitors and controls hardware and provides other support to application programs.
More informationRISK ASSESSMENTS AND INTERNAL CONTROL CIS CHARACTERISTICS AND CONSIDERATIONS CONTENTS
CONTENTS Paragraphs Introduction... 1 Organizational Structure... 2 Nature of Processing... 3 Design and Procedural Aspects... 4 Internal Controls in a CIS Environment... 5 General CIS Controls... 6-7
More informationAuditing in an Automated Environment: Appendix B: Application Controls
Accountability Modules Auditing in an Automated Environment: Initials Date Agency Prepared By Reviewed By Audit Program - Application W/P Ref Page 1 of 1 The SAO follows control objectives established
More informationChapter 08. Consideration of Internal Control in an Information Technology Environment. McGraw-Hill/Irwin
Chapter 08 Consideration of Internal Control in an Information Technology Environment McGraw-Hill/Irwin Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved. Nature of IT Based Systems
More informationDefinition of Internal Control
Definition of Internal Control - To address and limit potential risks - designed, implemented and maintained by those charged with governance to provide reasonable assurance about the achievement of the
More informationIT Auditing, Hall, 3e
IT Auditing, an economic event that affects the assets and equities of the firm, is reflected in its accounts, and is measured in monetary terms. similar types of transactions are grouped together into
More informationChapter 2 Introduction to Transaction Processing
Chapter 2 Introduction to Transaction Processing TRUE/FALSE 1. Processing more transactions at a lower unit cost makes batch processing more efficient than real-time systems. T 2. The process of acquiring
More informationIntroduction to Transaction Processing
Modul ke: Introduction to Transaction Processing Fakultas Fakultas Ekonomi & Bisnis Iwan Setiadi, SE., M.Si Program Studi Akuntansi www.mercubuana.ac.id A Financial Transaction is... an economic event
More informationAUDITING (PART-18) (UNIT-III) INTERNAL CONTROL (PART 4)
1. INTRODUCTION AUDITING (PART-18) (UNIT-III) INTERNAL CONTROL (PART 4) Hello students welcome to the lecture series of auditing. Today we shall be taking up unit 3 rd and under unit 3 rd we shall continue
More informationIntroduction To IS Auditing
Introduction To IS Auditing Instructor: Bryan McAtee, ASA, CISA Bryan McAtee & Associates - Brisbane, Australia * Course, Presenter and Delegate Introductions * Definition of Information Technology (IT)
More informationTransaction Processing Systems
Chapter 5: Computer-Based Transaction Processing Transaction Processing Systems A fundamental task in any AIS is to process transactions affecting the organization Transaction processing systems(ss) involve
More informationIntroduction. Controlling Information Systems. Threats to Computerised Information System. Why System are Vulnerable?
Introduction Controlling Information Systems When computer systems fail to work as required, firms that depend heavily on them experience a serious loss of business function. M7011 Peter Lo 2005 1 M7011
More information4. The portion of the monthly bill from a credit card company is an example of a turn-around document.
Chapter 2 Introduction to Transaction Processing Introduction to Accounting Information Systems, 8e Test Bank, Chapter 2 TRUE/FALSE 1. Processing more transactions at a lower unit cost makes batch processing
More informationChapter 2 Introduction to Transaction Processing
Chapter 2 Introduction to Transaction Processing TRUE/FALSE 1. Processing more transactions at a lower unit cost makes batch processing more efficient than real-time systems. T 2. The process of acquiring
More informationFull file at https://fratstock.eu INTRODUCTION TO TRANSACTION PROCESSING
CHAPTER 2 2-1 OUTLINE OF CHAPTER 2 Learning Objectives An Overview of Transaction Processing Transaction Cycles The Expenditure Cycle The Conversion Cycle The Revenue Cycle Accounting Records Manual Systems
More informationCHAPTER 2 INTRODUCTION TO TRANSACTION PROCESSING
Chapter 2 Page 20 REVIEW QUESTIONS CHAPTER 2 INTRODUCTION TO TRANSACTION PROCESSING. The expenditure cycle, conversion cycle, and revenue cycle. 2. Purchases/accounts payable system, cash disbursements
More informationStreamlined Sales and Use Tax Agreement (11/12/02) Certification and Auditing Standards
Streamlined Sales and Use Tax Agreement (11/12/02) Certification and Auditing Standards D R A F T (rev 5/6/03) SECTION I - INTRODUCTION Article V, Section 501, of the Streamlined Sales and Use Tax Agreement,
More informationCONTROLLING COMPUTER-BASED INFORMATION SYSTEMS, PART I
CHAPTER CONTROLLING COMPUTER-BASED INFORMATION SYSTEMS, PART I The basic topic of internal control was introduced in 3. These next two chapters discuss the implications of automating the accounting information
More informationCHAPTER 3: DAILY PROCEDURES
Chapter 3: Daily Procedures CHAPTER 3: DAILY PROCEDURES Training Objectives Actively participating during this chapter helps you to: Understand the different types of transactions and the procedures for
More informationSage General Ledger User's Guide. May 2017
Sage 300 2018 General Ledger User's Guide May 2017 This is a publication of Sage Software, Inc. 2017 The Sage Group plc or its licensors. All rights reserved. Sage, Sage logos, and Sage product and service
More informationTECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES
TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control
More informationInformation Security Policy
April 2016 Table of Contents PURPOSE AND SCOPE 5 I. CONFIDENTIAL INFORMATION 5 II. SCOPE 6 ORGANIZATION OF INFORMATION SECURITY 6 I. RESPONSIBILITY FOR INFORMATION SECURITY 6 II. COMMUNICATIONS REGARDING
More informationTHE TEXAS A&M UNIVERSITY SYSTEM RECORDS RETENTION SCHEDULE
2.1.001 02.100.10 01.404.10 Curriculum Files, including Revisions, Departmental US+5 01.405.10 Instructor/Faculty Evaluations +1 =Academic term 01.406.10 Instructor Grade Books +1 =Academic term 01.407.10
More informationTECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES
TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control
More informationRecords Retention Schedule
Retention Schedule Form C must Record Title Storage 1. Page 18 of 104 106 Category 2: Electronic Data Processing Section 2.1 Automated Applications 2.1.001 38 Automated Files - Processing Files Machine-readable
More informationCONTROL AUDIT AND SECURITY OF INFORMATION SYSTEM
MODULE 12 CONTROL AUDIT AND SECURITY OF INFORMATION SYSTEM Contents 1. MOTIVATION AND LEARNING GOALS 2. LEARNING UNIT 1 Controls in Information systems 3. LEARNING UNIT 2 Need and methods of auditing Information
More informationSECTION 15 KEY AND ACCESS CONTROLS
15.1 Definitions A. The definitions in this section shall apply to all sections of the part unless otherwise noted. B. Definitions: Access Badge / Card a credential used to gain entry to an area having
More informationTable of Contents General Information Table Maintenance Top Ten Reports
Table of Contents General Information 1 Windows Print Manager 1 Print Button for Documents 1 Print Spooling 1 Print Spool Buttons 2 Report Destination 2 Single document 3 All Documents 3 Delete 3 Clear
More informationSystems Analysis and Design
Systems Analysis and Design Alan Dennis, Barbara Haley Wixom, and Roberta Roth John Wiley & Sons, Inc. Slides by Candace S. Garrod Red Rocks Community College 9-1 User Interfaces Chapter 9 9-2 Key Definitions
More informationPetunia Patch. Module 1. Transactions for June 3-9. Level 1. 1 st Web-Based Edition
Petunia Patch Level 1 1 st Web-Based Edition Module 1 Transactions for June 3-9 Page 1 BEGIN THE PROGRAM AND RECORD THE TRANSACTIONS When you have: (1) carefully read the Introduction, (2) a good understanding
More informationAuditing in an Automated Environment: Appendix E: System Design, Development, and Maintenance
Accountability Modules Auditing in an Automated Environment: Agency Prepared By Initials Date Reviewed By Audit Program - System Design, Development, and Maintenance W/P Ref Page 1 of 1 Procedures Initials
More informationPART 5: INFORMATION TECHNOLOGY RECORDS
PART 5: INFORMATION TECHNOLOGY RECORDS SECTION 5 1: RECORDS OF AUTOMATED APPLICATIONS GR5800 01 AUDIT TRAIL RECORDS Files needed for electronic data audits such as files or reports showing transactions
More informationContents. Process flow diagrams and other documentation
Process flow diagrams and other documentation Contents 1. Audit lessons 2. Process flows 3. Flowcharts 4. Information produced by entity (IPE) 5. Documentation Topic 1: Audit lessons Audit lessons Teams
More informationBrandon s Cabinet Shop
Brandon s Cabinet Shop Module 1 Transactions For June 3-9 Page 1 Begin Brandon s Cabinet Shop Record the transactions When you have: (1) carefully read the Introduction, (2) a good understanding of the
More informationInformation Technology Security Plan Policies, Controls, and Procedures Protect: Identity Management and Access Control PR.AC
Information Technology Security Plan Policies, Controls, and Procedures Protect: Identity Management and Access Control PR.AC Location: https://www.pdsimplified.com/ndcbf_pdframework/nist_csf_prc/documents/protect/ndcbf_
More informationPeopleSoft Finance Access and Security Audit
PeopleSoft Finance Access and Security Audit City of Minneapolis Internal Audit Department September 20, 2016 1 Contents Page Background... 3 Objective, Scope and Approach... 3 Audit Results and Recommendations...
More informationCertified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA) 1. Domain 1 The Process of Auditing Information Systems Provide audit services in accordance with IT audit standards to assist the organization in protecting
More informationFinancials Module: General Ledger
The Priority Enterprise Management System Financials Module: General Ledger Contents Introduction... 2 Chart of Accounts... 2 Entry Journal... 4 Reconciliations... 7 Financial Statements... 9 Cash Flow...
More informationCompliance Matrix for 21 CFR Part 11: Electronic Records
Compliance Matrix for 21 CFR Part 11: Electronic Records Philip E. Plantz, PhD, Applications Manager David Kremer, Senior Software Engineer Application Note SL-AN-27 Revision B Provided By: Microtrac,
More informationAgilent ICP-MS ChemStation Complying with 21 CFR Part 11. Application Note. Overview
Agilent ICP-MS ChemStation Complying with 21 CFR Part 11 Application Note Overview Part 11 in Title 21 of the Code of Federal Regulations includes the US Federal guidelines for storing and protecting electronic
More informationCHAPTER 2 INTRODUCTION TO TRANSACTION PROCESSING. 1. The expenditure cycle, conversion cycle, and revenue cycle.
Solution Manual for Accounting Information Systems 9th Edition by Hall Link full download: http://testbankair.com/download/solution-manual-foraccounting-information-systems-9th-edition-by-hall/ CHAPTER
More informationCASH MANAGEMENT TRAINING FY2018
CASH MANAGEMENT TRAINING FY2018 Katie Mahoney katherine.mahoney@maine.edu 780-4484 The Office of Finance & Administration University of Southern Maine University of Maine System - 1 - Cash Collection The
More informationSECURITY PLAN DRAFT For Major Applications and General Support Systems
SECURITY PLAN For Major Applications and General Support Systems TABLE OF CONTENTS EXECUTIVE SUMMARY A. APPLICATION/SYSTEM IDENTIFICATION A.1 Application/System Category Indicate whether the application/system
More information21 CFR Part 11 LIMS Requirements Electronic signatures and records
21 CFR Part 11 LIMS Requirements Electronic signatures and records Compiled by Perry W. Burton Version 1.0, 16 August 2014 Table of contents 1. Purpose of this document... 1 1.1 Notes to version 1.0...
More information1 Overview of Database Management
1 Overview of Database Management 1.1 Data, information and knowledge 1.1.1 Data Data is/are the facts of the World. For example, take yourself. You may be 5ft tall, have brown hair and blue eyes. All
More informationRECORDS AND INFORMATION MANAGEMENT AND RETENTION
RECORDS AND INFORMATION MANAGEMENT AND RETENTION Policy The Health Science Center recognizes the need for orderly management and retrieval of all official records and a documented records retention and
More informationSparta Systems TrackWise Digital Solution
Systems TrackWise Digital Solution 21 CFR Part 11 and Annex 11 Assessment February 2018 Systems TrackWise Digital Solution Introduction The purpose of this document is to outline the roles and responsibilities
More informationVOLUME 14 - Audit Trails and System Controls
Defense Finance and Accounting Service DFAS 7900.4 M Financial Requirements Manual Volume 14, Audit Trails and System Controls April 2017 Strategy, Policy and Requirements SUBJECT: Description of Requirement
More informationLeveraging ALCOA+ Principles to Establish a Data Lifecycle Approach for the Validation and Remediation of Data Integrity. Bradford Allen Genentech
Leveraging ALCOA+ Principles to Establish a Data Lifecycle Approach for the Validation and Remediation of Data Integrity Bradford Allen Genentech 1 Agenda Introduction Data Integrity 101 Review What is
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationMIS 5121: Business Process, ERP Systems & Controls Week 9: Security: User Management, Segregation of Duties (SOD)
MIS 5121: Business Process, ERP Systems & Controls Week 9: Security: User Management, Segregation of Duties (SOD) Edward Beaver Edward.Beaver@temple.edu ff Video: Record the Class Discussion v Something
More informationSecurity Policies and Procedures Principles and Practices
Security Policies and Procedures Principles and Practices by Sari Stern Greene Chapter 3: Information Security Framework Objectives Plan the protection of the confidentiality, integrity and availability
More informationBank Reconciliation Release 2015
Bank Reconciliation Release 2015 Disclaimer This document is provided as-is. Information and views expressed in this document, including URL and other Internet Web site references, may change without notice.
More informationPSAB Supplement 21 Records Retention and Disposition
PSAB Supplement 21 Records Retention and Disposition MANUAL OF PROCEDURES PSAB SUPPLEMENT 21 RECORDS, RETENTION AND DISPOSITION TABLE OF CONTENTS PURPOSE... 1 STATUTORY AUTHORITY... 1 SCHEDULES FOR RETENTION
More informationRECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES
RECORDS MANAGEMENT DEPARTMENT OF THE TREASURY, DIVISION OF REVENUE AND ENTERPRISE SERVICES, RECORDS MANAGEMENT SERVICES RECORDS MANAGEMENT SERVICES Records Management Services, Division of Revenue and
More informationMicrosoft Dynamics GP. RapidStart Services
Microsoft Dynamics GP RapidStart Services January 31, 2013 Copyright Copyright 2013 Microsoft. All rights reserved. Limitation of liability This document is provided as-is. Information and views expressed
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationAdobe Sign and 21 CFR Part 11
Adobe Sign and 21 CFR Part 11 Today, organizations of all sizes are transforming manual paper-based processes into end-to-end digital experiences speeding signature processes by 500% with legal, trusted
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationEXCERPT. NIST Special Publication R1. Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
EXCERPT NIST Special Publication 800-171 R1 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations An Excerpt Listing All: Security Requirement Families & Controls Security
More informationData Entry Oracle FLEXCUBE Universal Banking Release [May] [2011] Oracle Part Number E
Data Entry Oracle FLEXCUBE Universal Banking Release 11.3.0 [May] [2011] Oracle Part Number E51511-01 Table of Contents Data Entry 1. ABOUT THIS MANUAL... 1-1 1.1 INTRODUCTION... 1-1 1.1.1 Audience...
More informationAgilent Response to 21CFR Part11 requirements for the Agilent ChemStation Plus
Agilent Response to 21CFR Part11 requirements for the Agilent ChemStation Plus 1. Preface This document describes which requirements of the FDA s rule for electronic records and electronic signature (21
More informationPage 1 of 15. Applicability. Compatibility EACMS PACS. Version 5. Version 3 PCA EAP. ERC NO ERC Low Impact BES. ERC Medium Impact BES
002 5 R1. Each Responsible Entity shall implement a process that considers each of the following assets for purposes of parts 1.1 through 1.3: i. Control Centers and backup Control Centers; ii. Transmission
More informationIntegration of Agilent UV-Visible ChemStation with OpenLAB ECM
Integration of Agilent UV-Visible ChemStation with OpenLAB ECM Compliance with Introduction in Title 21 of the Code of Federal Regulations includes the US Federal guidelines for storing and protecting
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationRecords Management and Retention
Records Management and Retention Category: Governance Number: Audience: University employees and Board members Last Revised: January 29, 2017 Owner: Secretary to the Board Approved by: Board of Governors
More informationSparta Systems TrackWise Solution
Systems Solution 21 CFR Part 11 and Annex 11 Assessment October 2017 Systems Solution Introduction The purpose of this document is to outline the roles and responsibilities for compliance with the FDA
More informationMicrosoft Dynamics GP Professional Services Tools Library
Microsoft Dynamics GP 2013 Professional Services Tools Library Copyright Copyright 2012 Microsoft Corporation. All rights reserved. Limitation of liability This document is provided as-is. Information
More informationData. Entities. Accounting Information Systems. Chapter 4: Data Management
Accounting Information Systems Chapter 4: Data Management Data Data may be defined broadly to include two interrelated components: Data Models that provide structure to data File Orientation Data-base
More informationCHAPTER 2 INTRODUCTION TO TRANSACTION PROCESSING
CHAPTER 2 INTRODUCTION TO TRANSACTION PROCESSING REVIEW QUESTIONS 1. The expenditure cycle, conversion cycle, and revenue cycle. 2. Purchases/accounts payable system, cash disbursements system, and payroll
More informationCYMA IV. Accounting for Windows. CYMA IV Getting Started Guide. Training Guide Series
CYMA IV Accounting for Windows Training Guide Series CYMA IV Getting Started Guide November 2010 CYMA Systems, Inc. 2330 West University Drive, Suite 4 Tempe, AZ 85281 (800) 292-2962 Fax: (480) 303-2969
More informationUser's Guide. Alpha Five Accounting. Accounting Made Easy. Version 3.0. Copyright BetaSoft LLC - All Rights Reserved
User's Guide Alpha Five Accounting Copyright 1995-2002 BetaSoft LLC - All Rights Reserved Accounting Made Easy Version 3.0 Alpha Five is a trademark of Alpha Software Corp. i ii Table of Contents INTRODUCTION...1
More informationFull file at
CHAPTER 2 INTRODUCTION TO TRANSACTION PROCESSING REVIEW QUESTIONS 1. The expenditure cycle, conversion cycle, and revenue cycle. 2. Purchases/accounts payable system, cash disbursements system, and payroll
More informationOpenLAB ELN Supporting 21 CFR Part 11 Compliance
OpenLAB ELN Supporting 21 CFR Part 11 Compliance White Paper Overview Part 11 in Title 21 of the Code of Federal Regulations includes the US Federal guidelines for storing and protecting electronic records
More informationAccounting Information Systems, 2e (Kay/Ovlia) Chapter 2 Accounting Databases. Objective 1
Accounting Information Systems, 2e (Kay/Ovlia) Chapter 2 Accounting Databases Objective 1 1) One of the disadvantages of a relational database is that we can enter data once into the database, and then
More informationChapter 11: Data Management Layer Design
Systems Analysis and Design With UML 2.0 An Object-Oriented Oriented Approach, Second Edition Chapter 11: Data Management Layer Design Alan Dennis, Barbara Wixom, and David Tegarden 2005 John Wiley & Sons,
More informationACH Audit Guide Step-by-Step Guidance and Interactive Form For Internal ACH Audits Audit Year 2018
Publications ACH Audit Guide Step-by-Step Guidance and Interactive Form For Internal ACH Audits Audit Year 2018 Price: $399 Member Price: $199 (Publication #500-18) A new approach to payments advising
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationISSUE N 1 MAJOR MODIFICATIONS. Version Changes Related Release No. PREVIOUS VERSIONS HISTORY. Version Date History Related Release No.
ISSUE N 1 MAJOR MODIFICATIONS Version Changes Related Release No. 01 First issue. 2.8.0 PREVIOUS VERSIONS HISTORY Version Date History Related Release No. N/A N/A N/A N/A APPROVAL TABLE Signatures below
More informationMicrosoft Dynamics GP: General Ledger Year-End Closing Procedures
Microsoft Dynamics GP: General Ledger Year-End Closing Procedures Introduction This article outlines the recommended year-end closing procedures for Microsoft Dynamics GP. This article contains a checklist
More informationApplication Control Review. August 4, 2012
Application Control Review August 4, 2012 Application Controls Review - Scope Web security Access Controls Password Controls Service Level Agreement Database Access Controls Perimeter Security Controls
More informationTable of Contents *** IMPORTANT NOTE ***
Table of Contents Using QuickBooks With E2 Pg. 2 Installing the Interface File Pg. 3 Conversion from QuickBooks Pg. 4 Settings in E2 for Sync Option Pg. 6 Settings in QuickBooks for Sync option Pg. 7 Transferring
More informationThe Data Organization
C V I T F E P A O TM The Data Organization 1251 Yosemite Way Hayward, CA 94545 (510) 303-8868 rschoenrank@computer.org Business Intelligence Process Architecture By Rainer Schoenrank Data Warehouse Consultant
More informationFRAUD-RELATED INTERNAL CONTROLS
GLOBAL HEADQUARTERS THE GREGOR BUILDING 716 WEST AVE AUSTIN, TX 78701-2727 USA TABLE OF CONTENTS I. THE NEED FOR INTERNAL CONTROLS Example... 1 Threats to an Organization s Internal Control Environment...
More informationACH Audit Guide for Third-Party Senders Step-by-Step Guidance and Interactive Form For Internal ACH Audits Audit Year 2017
Publications ACH Audit Guide for Third-Party Senders Step-by-Step Guidance and Interactive Form For Internal ACH Audits Audit Year 2017 Price: $250 Member Price: $125 (Publication #505-17) A new approach
More informationTHE CORPORATE CON: INTERNAL FRAUD AND THE AUDITOR
THE CORPORATE CON: INTERNAL FRAUD AND THE AUDITOR GLOBAL HEADQUARTERS THE GREGOR BUILDING 716 WEST AVE AUSTIN, TX 78701-2727 USA TABLE OF CONTENTS I. INTRODUCTION Video Supplement... 1 Course Objectives
More informationSystem Assessment Report Relating to Electronic Records and Electronic Signatures; 21 CFR Part 11. System: tiamo (Software Version 2.
Page 1 /15 System Assessment Report Relating to Electronic Records and Electronic Signatures; 21 CFR Part 11 System: tiamo (Software Version 2.5) Page 2 /15 1 Procedures and Controls for Closed Systems
More informationTrust Services Principles and Criteria
Trust Services Principles and Criteria Security Principle and Criteria The security principle refers to the protection of the system from unauthorized access, both logical and physical. Limiting access
More informationMicrosoft Dynamics GP Professional Services Tools Library
Microsoft Dynamics GP 2015 Professional Services Tools Library Copyright Copyright 2014 Microsoft Corporation. All rights reserved. Limitation of liability This document is provided as-is. Information
More informationB. H. Gardi College of Engineering & Technology, RAJKOT Department of Master of Computer Application. MCA Lecturer At GARDI VIDYAPITH RAJKOT.
Prepared By :- Mr. Ajay A. Ardeshana MCA Lecturer At GARDI VIDYAPITH RAJKOT. Email :- ajay.24021985@gmail.com Mobile :- + 91 95588 20298 Chap5er - 6 SYSTEM ENGINEERING (SSAD SSAD) Mobile : 9558820298 1
More informationCHAPTER 5: Representing Numerical Data
CHAPTER 5: Representing Numerical Data The Architecture of Computer Hardware and Systems Software & Networking: An Information Technology Approach 4th Edition, Irv Englander John Wiley and Sons 2010 PowerPoint
More informationSparta Systems Stratas Solution
Systems Solution 21 CFR Part 11 and Annex 11 Assessment October 2017 Systems Solution Introduction The purpose of this document is to outline the roles and responsibilities for compliance with the FDA
More informationv.5 Accounts Payable: Best Practices
v.5 Accounts Payable: Best Practices (Course #V210) Presented by: Dave Heston Shelby Consultant 2017 Shelby Systems, Inc. Other brand and product names are trademarks or registered trademarks of the respective
More informationPart 11 Compliance SOP
1.0 Commercial in Confidence 16-Aug-2006 1 of 14 Part 11 Compliance SOP Document No: SOP_0130 Prepared by: David Brown Date: 16-Aug-2006 Version: 1.0 1.0 Commercial in Confidence 16-Aug-2006 2 of 14 Document
More informationSage Pastel Accounting. Year End Procedures Sage Pastel Partner V
Sage Pastel Accounting Year End Procedures Sage Pastel Partner V14 2015 Contents Welcome to your Pastel Partner Year End Guide 3 Website and online support 3 Support operating hours 3 Contacting Chips
More informationAlan Dennis, Barbara Haley Wixom, and
Systems Analysis and Design Alan Dennis, Barbara Haley Wixom, and David Tegarden Chapter 14: Construction Copyright 2005 John Wiley & Sons, Inc. Slide 1 Copyright 2005 John Wiley & Sons, Inc. All rights
More informationINFORMATION. Guidance on the use of the SM1000 and SM2000 Videographic Recorders for Electronic Record Keeping in FDA Approved Processes
INFORMATION No. INF02/70 Issue 3 Date: October 2007 Product SM1000 and SM2000 Videographic Recorders Manuals IM/SM1000 and IM/SM2000 Guidance on the use of the SM1000 and SM2000 Videographic Recorders
More informationHow to Receive on a Purchase Order
Module: Purchasing Topic: Purchase Order Receiving How to Receive Munis Version 11.1 How to Receive on a Purchase Order Objective This document provides instructions on how to record the receipt of items
More information