Vous êtes sur la page 1sur 15

EFFECTS OF COMPUTER ON

INTERNAL CONTROLS
SEGREGATION OF DUTIES
SEGREGATION OF DUTIES

When apparently incompatible functions are combined


in the computer system, compensating controls are
necessary to prevent improper human intervention with
computer processing

A person with opportunity to make


unauthorized charges in computer programs
or data files is in a position to exploit the
concentration of data processing functions in
computer system.
DELEGATION OF AUTHORITY AND
RESPONSIBILITY
DELEGATION OF AUTHORITY AND
RESPONSIBILITY

A clear line of responsibility is an essential control in


both manual and computer system.

In computer system, however delegating


authority and responsibility in an ambiguous
way might be difficult because some
resources are shared among multiple users.
COMPETENT AND TRUSTWORTHY
PERSONNEL
COMPETENT AND TRUSTWORTHY
PERSONNEL
Substantial power is often vested in the persons responsible for
the computer-based information systems developed,
implemented, operated, and maintained within organizations.

Ensuring that an organization has competent


and trustworthy information systems
personnel is a difficult task.
ADEQUATE DOCUMENTS AND RECORDS
ADEQUATE DOCUMENTS AND RECORDS

In computer systems, documents might not be used to


support the initiation, execution, and recording of some
transactions.

Audit trails are often more extensive than


those maintained in manual systems.
PHYSICAL CONTROL over
ASSETS AND RECORDS
PHYSICAL CONTROL over ASSETS AND RECORDS

Purpose is to ensure that only authorized personnel


have access to the firm’s assets.

In a computer system, however, all the necessary


records can be maintained at a single site-namely, the
site where the computer is located.

Thus, perpetrator does not have to go to


physically disparate locations to execute
fraud.
ADEQUATE MAINTENANCE SUPERVISION
ADEQUATE MAINTENANCE SUPERVISION

In a computer system, however, data communications


facilities can be used to enable employees to be closer
to the customers they serve.
Supervisory controls must be built into the computer
system to compensate for the controls that usually can
be exercised through observation and inquiry

Make the activities of employees less visible to management.


Because many activities are performed electronically,
managers must periodically access the audit trail of employee
activities and examine it for unauthorized actions.
INDEPENDENT CHECKS ON
PERFORMANCE
INDEPENDENT CHECKS ON PERFORMANCE

If the program code in a computer system is authorized,


accurate, and complete, the system always follow the
designated procedures in the absence of some other
types of failure .

Independent check on the performance of programs often


have a little value.

Insofar, as many independent checks on performance


are no longer appropriate, auditors must now evaluate
the controls established from program development,
modification, operation, and maintenance.

Vous aimerez peut-être aussi