Education
Sr.
No. |
Example-Application
control |
Purpose/Example |
i |
Data edits |
Editing of data is allowed only for
permissible fields |
II |
Separation of business functions |
Transaction initiation and
authorization done by separate individuals |
III |
Balancing of processing totals |
Debit and credit of all transactions
are tallied |
IV |
Transaction logging |
All transactions are identified with
unique id and logged |
v |
Error reporting |
All errors in processing are
reported |
vi |
Exception Reporting |
All exceptions are reported |
Sr. No. |
Indicators of
effective IT controls |
I |
The ability to
execute and plan new work such as IT infrastructure upgrades required to
support new products and services. |
II |
Development
projects that are delivered on time and within budget, resulting in
cost-effective and better product and service offerings compared to
competitors.
|
III |
Ability
to allocate resources predictably.
|
IV |
Consistent
availability and reliability of information and IT services across the organization
and for customers, business partners, and other external interfaces. |
V |
Clear
communication to management of key indicators of effective controls. |
VI |
The ability to
protect against new vulnerabilities and threats and to recover from any
disruption of IT services quickly and efficiently. |
VII |
The efficient
use of a customer support center or help desk. |
VIII |
Heightened
security awareness on the part of the users and a security conscious culture. |
IC @ SA315: Have a look In this way; The plan of enterprise and all the methods and procedures adopted by the management of an entity
to assist in achieving
management’s objective of ensuring, as far as
practicable; ®
Orderly and efficient conduct of its business, including adherence to management policies, ®
Safeguarding of
assets, ®
Prevention and detection of fraud and
error, ®
Accuracy and completeness of the accounting records,
®
Timely preparation of reliable financial information. |