Académique Documents
Professionnel Documents
Culture Documents
Although the computer has created some challenging problems for professional accountants, it
has also broadened their horizons and expanded the range and value of the services they offer. The
computer is more than a tool for performing routine accounting tasks with unprecedented speed and
accuracy. It makes possible the development of information that could not have been gathered in the
past because of time and cost limitations. When a client maintains accounting records with a
complex and sophisticated EDP system, auditors often find it helpful, and even necessary, to utilize
Adapted from “Principles of Auditing” by
Meigs, Whittington, Pany, and Meigs
Page 2 of 7
EDP / IT CONTROL PART I
Programs designed to perform a specific data processing task, such as payroll processing, are
known as application software. Early application programs were
laboriously written in machine
language, but today, programming languages such as COBOL (common
business-oriented lan-
guage) are much like English. Programming in COBOL and other
In some ways, computer systems enhance the reliability of financial information. Computers
source
process languages
transactions is made
uniformly and eliminate the human errors that may occur in a manual system.
On the other hand, defects in hardware or programs can result in a computer processing all
possibleincorrectly.
transactions by another element
Also, errors of that
or irregularities software, the compiler,
do occur in computer processing maywhich
not is a
computer
be program
detected by the utilized
client's personnel in few people are involved with data processing. Thus,
be-cause
computer hardware precision does not assure that computer output will be reliable.
translating a source-language program into machine language. The
Internal control over
machine-language versionEDP of activities
a
program is the
Auditors have called an o b je inctan program.
same responsibility EDP system as in a manual system, which is to satisfy
themselves that the financial statements produced reflect the
interpretation and processing of
transactions
Good internal controlinstressed
conformity withdivision
the need for a proper generally accepted
of duties among accounting
employees operating
a manual accounting system. In such a system, no one employee has complete responsibility for a
principles.
transaction, and the work of one person is verified by the work of another handling other aspects of
the same transaction. The division of duties gives assurance of accuracy in records and reports and
protects the company against loss from fraud or carelessness.
When a company converts to an EDP system, however, the work formerly divided among many
people is performed by the computer. Consolidation of activities and integration of functions are to
be expected, since the computer can conveniently handle many related aspects of a transaction. For
example, when payroll is handled by a computer, it is possible to carry out a variety of related tasks
with only a single use of the master records. These tasks could include the maintenance of personnel
files with information on seniority, rate of pay, insurance, and the like; a portion of the timekeeping
function; distribution of labor costs; and preparation of payroll checks and payroll records.
Despite the integration of several functions in an EDP system, the importance of internal control is
not in the least diminished. The essential factors described in Chapter 5 for satisfactory internal
control in a large-scale organization are still relevant. Separation of duties and clearly de-fined
responsibilities continue to be key ingredients despite the change in organization of activities. These
traditional control concepts are augmented, however, by controls written into the computer
programs and controls built into the computer hardware.
In auditing literature, internal controls over EDP activities often are classified as either general
controls or application controls. General controls relate to all EDP applications and include such
considerations as: (a) the organization of the EDP department; (b) procedures for documenting,
testing, and approving the original system and any subsequent changes; (c) controls built into the
hardware (equipment controls); and (d) security for files and equipment. Application controls, on
Systems analysis Systems analysts are responsible for designing the EDP system. After
considering the objectives of the business and the data processing needs of the various departments
using the computer output (user groups), they determine the goals of the system and the means of
achieving these goals. Utilizing system flowcharts and detailed instructions, they outline the data
processing system.