Untitled Essay, Research Paper
In accounting systems, certain controls are needed to guarantee that employees
are making their occupations decently and guarantee that the system runs decently. These
cheques are in the best involvement of the organisation. These controls come
in the signifier of internal and external controls for the system. The internal
controls are the cheques that are placed in the system my the company & # 8217 ; s
ain direction and managers. Today more and more companies are traveling from
the manual accounting systems to computerise accounting information systems.
The advantages of a computerized system are additions in the velocity and truth
of treating accounting information.
However, as systems become computerized, the internal controls for that system
has to be adapted consequently. This is because computerized systems bring
with them certain alone jobs that can merely be removed or minimized by
accommodating the present controls and adding new controls. These jobs are
& # 183 ; In a manual system there is a paper trail for the internal hearer
to follow. All records and minutess are kept on paper and so an hearer
has clear and documented cogent evidence of what has transpired. Computerized systems
seldom have a clear paper trail to follow. Since computing machines do all of the
sorting of the information the company seldom sorts the beginning paperss.
Besides the computing machine does most of the computations and treating so at that place would
non be the sum of certification that there would be in a manual system.
& # 183 ; Another job of computing machine systems is the fact that there can be
trouble in finding who entered the information. In a manual system the individuality
of the individual come ining the informations can be identified perchance by the individual & # 8217 ; s
handwriting. This can non be done in a computerized system. This makes it
really hard to find who is responsible for mistakes or fraud.
& # 183 ; Since the computing machines do all computations and treating mistakes can
occur due to bad design of the plan. This can be hard to observe
particularly if the mistake does non happen often and merely does so under
peculiar conditions.
& # 183 ; Computer systems besides offer new chances for fraud. If a computerized
system is non set up properly and certain cheques non set in so the computing machine
system can be used to victimize the company. The fact that it is hard
to follow who enters the informations merely adds to the magnitude of this. In order to minimise the hazards of mistakes or fraud happening
in the computing machine system certain controls have to be put into topographic point. These
controls can be broken up into three different classs. They are
1. Administrative Controls
2. Systems Development Controls
3. Procedural ControlsAdministrative Controls
Administrative controls are those controls are those controls
that are placed on the system to guarantee the proper organisation and processing
of informations. These administrative controls are
Division of responsibilities.
Duties are assigned to different persons in the
organisation. This is done in such a manner that no one individual can hold full
control over a dealing. This ensures that an person can non hold full
control over the creative activity and operating of the system. One ground for this
division is holding one individual commanding the system can ensue in fraud
if that individual is non wholly trusty. Another ground for the division
of responsibilities is to forestall the organisation from going wholly dependent
on the individual commanding the computing machine system. If this individual were to go forth
so the organisation would hold no 1 to run the system. The division of
responsibilities ensures that employees can go forth without holding any major consequence on
the system.Operation Controls
Operation controls are necessary controls since they since
they determine what the computing machine systems and the employees utilizing the system
have been making. These controls can come in the signifier of
& # 183 ; rotary motion of displacements
& # 183 ; responsibility logs
& # 183 ; a manual of operating instructions
& # 183 ; attending controls
& # 183 ; computing machine logs
These controls can let an hearer to track the exact
actions of the computing machine systems and employees. This certification allows
the to easy descry any mistakes or improper actions that have occurred.Files Controls
These controls are put in topographic point to minimise the figure
of mistakes and skip that occur in the file system. Good file controls
are
& # 183 ; Availability of a skilled technician
& # 183 ; Proper procedures for publishing and returning files
& # 183 ; proper labeling and indexing of files
& # 183 ; protection of storage media from dust, humidness, fire etc.
& # 183 ; Procedures for returning files for certain minimal periods
& # 183 ; Facilities for retrieving files that have been damaged or corrupted.
& # 183 ; Facilities for making backup transcripts of files.
The arrangement of these controls have really serious deductions. These controls
that information that is critical to the organisation is safe. The information in these
files must be protected from mistakes or fiddling whether knowing or
accidental.Hardware Security
The computing machine hardware is non merely of import to the processing
of the information but is besides a valuable fixed plus for the company. Therefore
controls for the protection of the hardware must be put into topographic point. Computer
hardware must be placed in a secure country where the entree to it is limited
merely to those who need to utilize it. Certain degrees of security must me maintained
e.g. merely the systems decision maker can hold entree to the CPU and storage
systems. The computing machine system must besides be placed in a control environment
to protect it from environmental jeopardies e.g. dust and humidness. Agreements
should be made to protect the computing machine against fires and power fluctuations.
There should besides be some controls in topographic point to retrieve the system in instance
the hardware fails. These controls would guarantee that the dislocation of the
hardware would non hold a serious consequence on the company.
Systems Development controls These are the controls that are put over the design and
execution of the system. These controls guarantee that the system is developed
with a minimal figure of errors.Standardization
One of import control is standardisation. These consist
of assorted criterions that are laid down by direction for the design and
development of the system. These criterions include the complete certification
of the development of the system. These criterions would non merely profit
in the correcting of jobs and updating of the system, the certification
would let the hearer to acquire a better thought of how the system works. This
would assist the hearer in descrying possible jobs in the system.Involvement of Management
The engagement of the organisations direction in the
development of the system is an of import control. With these controls,
direction must hold certification such as feasibleness surveies, budgets and
public presentation ratings. These paperss would let direction to de
cide
if the system being developed would be feasible and cost effectual. Without
such controls, expensive undertakings can be started and ne’er finished, bing
the organisation a great trade in clip and money. These managerial controls
force the development squad to make a thorough occupation since they are accountable
to management..Testing
Testing and tests are of import controls and necessitate
that systems are exhaustively tested before they become operational. The extended
proving of plans will minimise or even extinguish the mistakes in the computing machine
system. The trials will demo precisely what type of jobs occur in the system
in the processing of certain informations and would besides bespeak any jobs in
the response clip of the systems. Besides, the benchmarks that are calculated
in proving can be compared with benchmarks taken subsequently on to see if the plan
has been tampered with.Training
The preparation of the informations processing staff is a really of import
control. Proper preparation of staff would cut down the figure of mistakes that
would happen in the system due to inadequate cognition of the system. The
trained staff would be less likely to do mistakes.Concurrent Running of old and new systems.
Runing the old and new systems at the same time is besides an
of import control. This control would let the organisation to compare the
consequences of the two systems when they do different undertakings. These consequences would
let them to happen any jobs in the new system by formalizing the consequences
of the new system with the consequences of the old oneProcedural Controls.
Procedural controls are one of the most of import set
of controls as they are the 1s that are placed on the twenty-four hours to twenty-four hours running
of the system. Procedural controls are peculiarly effectual in observing
whether a system has been tampered with and so are effectual in observing
fraud. Procedural controls are divided into those controls placed on input,
end product, processing and storage.Input Controls
These are procedural controls that are placed on the input
of informations into the system. These controls are
& # 183 ; Serial enumeration of paperss
& # 183 ; Validation cheques on paperss
& # 183 ; Batching paperss and checking of batch sums
& # 183 ; mandate proceduresThese controls are carried out by the user section. The Data processing
depart besides so gets the information and set carry out their ain controls. These
are
& # 183 ; Vetting of batches to guarantee that they are right
& # 183 ; cheques on informations transition methodsThese cheques are made so that the information that is entered is as accurate and
as error free as possible.Processing Controls
Once that information has been entered into the system and is being processed, the
processing controls are used to guarantee that the information is processed decently.
Processing controls are divided into two classs. These are
1. Validation trials
2. File checksThe proof cheques are made on the information when it is being processed. These
cheques guarantee that the information is processed right. Validation cheques include
& # 183 ; Check digit confirmation
& # 183 ; Checks in the size of file and records
& # 183 ; look into on manner of the file
& # 183 ; Check on consistence of Fieldss in files
& # 183 ; Range trials on Numberss and values
& # 183 ; Hash sums
& # 183 ; Control record cheques
& # 183 ; Sequence cheques to guarantee that records are entered in the right
order
& # 183 ; Error logs which contain a record of all mistakes that have occurred
during the processing of the informations.
& # 183 ; Transaction logs which contain a record of each dealing that has
been made. This provides an audit trail for the hearer. The dealing
log would incorporate where a peculiar dealing originated and who initiated
it.
File cheques are the controls to guarantee that the unity of the files that
keep the informations for the organisation remain integral during processing. Some
file cheques are
& # 183 ; Use of heading tabular arraies to place files
& # 183 ; Use of dawdler labels to guarantee that the record is wholly read.
& # 183 ; Arithmetic cogent evidence of the proof of certain Fieldss by look intoing them
with other Fieldss in the recordOutput controls
The outputting of processed information besides has certain controls.
These end product controls are used to guarantee the completeness, truth and
seasonableness of the end product on screen, printed signifier every bit good as on storage media.
Some end product control processs are
& # 183 ; Initial showing of the end product to observe obvious mistakes
& # 183 ; Output should merely be distributed by authorised individuals to authorise
individuals.
& # 183 ; Controls sums on the end product should be checked against the control
sums of the input to guarantee the consistence of informations.
& # 183 ; All the paperss produced should be numbered and accounted for
& # 183 ; Highly sensitive stuffs should non be seen by the general information
treating staff but should be outputted to a secure location.
& # 183 ; A feedback system must be developed between the users and the informations
processing section so that any mistakes that occur would be reported and
later corrected.
Storage Controls
When informations is stored extra controls must be put into
topographic point to guarantee that the information is stored decently and that the information is to
tampered with in any manner. These controls guarantee that no unauthorised individuals
would be able to fiddle with or destruct the information whether it be deliberately
or intentionally. Some of these controls are
& # 183 ; Authorization controls to guarantee that merely authorised forces is
allowed to do amendments and omissions to the files.
& # 183 ; Controls to guarantee that amendments and omissions are to be exhaustively
documented so that the individual who made the amendments can be made accountable
for the alterations they made.
& # 183 ; Controls to guarantee that there are proper installations for the backup
of files. These include guaranting that files are backed up on a regular basis, multiple
backup files are kept and that these files are kept at a secure location
and are easy retrievable in instance of an exigency.
& # 183 ; Controls that would guarantee that the informations can be recovered in instance
of catastrophe. This includes dealing logs of complete system mopess which
will do periodic backups of all the minutess that occur within the
system.
Computerized accounting systems bring with so a set of new and alone jobs.
The internal controls that have been put into topographic point for a manual system to
assist the internal hearer can non to the full prevent or minimise the possibility
of mistakes or fraud that semen with the computerized systems. Therefore the
old controls must be modified for the new system and new controls must be
put in. Merely so can the internal hearer guarantee that the figure of mistakes
that occur within the system be minimized or even eliminated..
BibliographyBasset P.H. ( 1993 ) Computerised histories, 3rd Edition, Manchester: NCC
Blackwell. 1-85554-205-6.Grudinsku G. , Burch J. , ( 1989 ) , Information Systems Theory and Practice,
5th Edition, John Wiley and Sons, Inc. 0-471-61293-6.