Академический Документы
Профессиональный Документы
Культура Документы
Processing Integrity
Table 10-1 on page 275 groups six categories of application
controls as they apply to input, processing, or output of data.
The AC is Access Controls.
Input Controls
As the old saying goes: garbage in, garbage out.
The quality of data that is collected about business activities
and entered into the information system is vital.
The following source data controls regulate the integrity of
input:
1. Forms Design. Source documents and other forms should
be designed to help ensure that errors and omissions
are minimized.
Page 1 of 13
2.
3.
4.
5.
6.
7.
8.
9.
The above tests are used for both batch processing and
online real-time processing.
Page 2 of 13
2.
3.
Processing Controls
Page 3 of 13
Page 4 of 13
Output Controls
Careful checking of system output provides additional control over
processing integrity. Important output controls include:
1. User review of output. Users should carefully examine
system output for reasonableness, completeness, and
that they are the intended recipient.
2. Reconciliation procedures. Periodically, all
transactions and other system updates should be
reconciled to control reports, file status/update
reports, or other control mechanisms. In addition,
general ledger accounts should be reconciled to
subsidiary account totals on a regular basis.
3. External data reconciliation. Database totals should
periodically be reconciled with data maintained
outside the system. For example, the number of
employee records in the payroll file can be compared
with the total from human resources to detect attempts
to add fictitious employees to the payroll database.
COBIT application control objective AC6 addresses the need to
protect the confidentiality and integrity of data during
transmission.
When using encryption to protest the confidentiality of
information transmitted from one location to another,
organizations need to implement controls designed to minimize the
risk of data transmission errors.
Page 5 of 13
2.
3.
Page 6 of 13
Page 7 of 13
Page 8 of 13
Page 9 of 13
Availability
Reliable systems and information are available for use whenever
needed.
Threats to system availability originate from many sources,
including:
1.
2.
3.
Human error
4.
5.
Page 10 of 13
Page 11 of 13
Page 12 of 13
Page 13 of 13