processing integrity and availability controls
DESCRIPTION
Processing Integrity and Availability Controls. Chapter 10. Processing Integrity Controls. Input Forms design Sequentially prenumbered Control to identify potential missing transaction Cut down on errors by making data entry easier Turnaround documents Eliminate errors in data entry. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/1.jpg)
Copyright © 2015 Pearson Education, Inc.
Processing Integrity and Availability ControlsChapter 10
10-1
![Page 2: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/2.jpg)
Copyright © 2015 Pearson Education, Inc.
Processing Integrity Controls
•Input▫Forms design Sequentially prenumbered
Control to identify potential missing transaction Cut down on errors by making data entry easier
▫Turnaround documents Eliminate errors in data entry
10-2
![Page 3: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/3.jpg)
Copyright © 2015 Pearson Education, Inc.
Processing Integrity: Data Entry Controls
• Field check▫Characters in a field are
proper type • Sign check
▫Data in a field is appropriate sign (positive/negative)
• Limit check▫Tests numerical amount
against a fixed value• Range check
▫Tests numerical amount against lower and upper limits
• Size check▫Input data fits into the field
• Completeness check▫Verifies that all required data
is entered• Validity check
▫Compares data from transaction file to that of master file to verify existence
• Reasonableness test▫Correctness of logical
relationship between two data items
• Check digit verification▫Recalculating check digit to
verify data entry error has not been made
10-3
![Page 4: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/4.jpg)
Copyright © 2015 Pearson Education, Inc.
Additional Data Entry Controls• Batch processing
▫Sequence check Test of batch data in
proper numerical or alphabetical sequence
▫Error logs▫Batch totals
Summarize numeric values for a batch of input records Financial total Hash total Record count
• Online▫Employee Access controls▫Automatic data entry▫Prompting
System prompts you for input (online completeness check)
▫Closed-loop verification Checks accuracy of input
data by using it to retrieve and display other related information (e.g., customer account # retrieves the customer name)
▫Transaction logs▫Error Messages
10-4
![Page 5: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/5.jpg)
Copyright © 2015 Pearson Education, Inc.
Processing Controls• Data matching
▫Two or more items must be matched before an action takes place
• File labels▫Ensures correct and most
updated file is used• Recalculation of batch
totals
• Cross-footing ▫Verifies accuracy by
comparing two alternative ways of calculating the same total
• Zero-balance tests▫For control accounts (e.g.,
payroll clearing)• Write-protection mechanisms
▫Protect against overwriting or erasing data
• Concurrent update controls▫Prevent error of two or
more users updating the same record at the same time
10-5
![Page 6: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/6.jpg)
Copyright © 2015 Pearson Education, Inc.
Output Controls•User review of output•Reconciliation
Procedures to reconcile to control reports (e.g., general ledger A/R account reconciled to Accounts Receivable Subsidiary Ledger)
•External data reconciliation•Data transmission controls
Check sums▫Hash of file transmitted, comparison made of hash before and after transmission
Parity checking▫Bit added to each character transmitted, the characters can then be verified for accuracy
10-6
![Page 7: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/7.jpg)
Copyright © 2015 Pearson Education, Inc.
Output Controls•Message Acknowledgment Techniques for data transmission (let the sender of an electronic message know that a message was received)▫Echo Check When data are transmitted, the system calculates a summary statistic , receiving unit performs the same calculation and sends back to source. If they agree, accuracy is assumed
▫Trailer Record sending unit stores control totals in a trailer record
receiving unit uses that information to verify that the entire message was received
10-7
![Page 8: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/8.jpg)
Copyright © 2015 Pearson Education, Inc.
Processing Integrity Controls(Spreadsheets)
•Spreadsheets usually developed by end user
•Lack of application controls•Solutions
▫Multiple people evaluate all cells for possible error
▫Cell formulas. Do not hardwireUse cell references
▫input/output section
10-8
![Page 9: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/9.jpg)
Copyright © 2015 Pearson Education, Inc.
Controls Ensuring Availability•Systems or information need to be available 24/7▫It is not possible to ensure this so:
10-9
![Page 10: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/10.jpg)
Copyright © 2015 Pearson Education, Inc.
Availability Controls• Preventive maintenance• Fault tolerance
▫Use of redundant components
• Data center location and design▫Raised floor▫Fire suppression▫Air conditioning▫Uninterruptible power
supply (UPS) or back-up generator
▫Surge protection• Patch management and
antivirus software
• Backup procedures▫Full(probably weekly)▫Incremental
Copies only items that have changed since last partial backup
▫Differential backup Copies all changes made
since last full backup• Disaster recovery plan
(DRP)▫Procedures to restore
organization’s IT function Cold site Hot site
• Business continuity plan (BCP)▫How to resume all
operations, not just IT
10-10
![Page 11: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/11.jpg)
Copyright © 2015 Pearson Education, Inc.
11
10-11
![Page 12: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/12.jpg)
Copyright © 2015 Pearson Education, Inc.
Disaster Recovery Plan (DRP)
•Procedures to restore an organization’s IT function in the event that its data center is destroyed▫Cold Site An empty building that is prewired for necessary telephone and Internet access, plus a contract with one or more vendors to provide all necessary equipment within a specified period of time
▫Hot Site A facility that is not only prewired for telephone and Internet access but also contains all the computing and office equipment the organization needs to perform its essential business activities
▫Second Data-CenterUsed for back-up and site mirroring
10-12
![Page 13: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/13.jpg)
Copyright © 2015 Pearson Education, Inc.
Recovery
•Business Continuity Plan (BCP)▫How to resume not only IT operations, but all business processesRelocating to new officesHiring temporary replacements
10-13
![Page 14: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/14.jpg)
Copyright © 2015 Pearson Education, Inc.
DRP & BCP
•Documentation▫Plan, responsibilities, procedures to resume operations should be documented
•Testing▫Test to make sure it works as intended▫Revise as needed▫Should test at least on an annual basis
10-14
![Page 15: Processing Integrity and Availability Controls](https://reader035.vdocuments.site/reader035/viewer/2022081503/56813a0a550346895da1d9b0/html5/thumbnails/15.jpg)
Copyright © 2015 Pearson Education, Inc. 15
Virtualization & Cloud Computing•Virtualization
▫Can reduce time to recover from hardware problems Install files to new box
▫Support real time mirroring•Cloud Computing
▫Use redundant banks of servers in multiple locations Reduces risk of system downtime and data loss
▫Potential problem Data retrieval if public cloud provider goes belly-up
Policy of making regular back-ups and storing somewhere other than cloud necessary
▫Assess long-run financial viability of cloud provider before taking the plunge