Controls in Information systems.
Controls in Information systems
CONTROL AUDIT AND SECURITY OF INFORMATION SYSTEM
• CONTROL- Method to ensure that a system processes data as per design and that all data is included and are correct
• AUDIT AND TESTING - Ensure that the system is built as per specifications and that processed results are correct. Protect systems from frauds.
• SECURITY- Protection of data resources, programs, and equipment from illegal use, theft, vandalism, accidents, disasters etc.
NEED OF CONTROLS
Information systems handle massive amounts of data – accidents such as not including some data can cause serious damage. Incorrect data entry can lead to high monetary losses. Credibility in the information system may be lost if errors are found in operational systems.
OBJECTIVES OF CONTROLS
To make sure data entering the computer are correct, check clerical handling of data before it is input to a computer. Provide means of detecting and tracing errors that occur due to bad data or bad program. Ensure that all legal requirements are met.
CONTROL TECHNIQUES
• ORGANIZATIONAL MEASURES
Well-defined responsibility for input preparation, delivery, output use, operation and maintenance. Changes in program and data (if any) should be documented. Performance of task and recording must be by different persons to prevent frauds.
• INPUT PREPARATOIN CONTROL
-Sequence numbering
-Batch controls
-Data entry and verification
-Record totals
-Self checking digits
PROCESSING CONTROLS
• PROOF FIGURES –An additional data element introduced to detect data entry/processing error Example:item code,qty supplied,cost/unit,proof cost(proof cost is additional data introduced).
Proof cost=(H-cost/unit)where H is a constant > maxcost Check if H * qty = ∑qty *proof cost + ∑qty * cost/unit If two sides are not equal, there is an error.
• TWO WAY CHECK – Calculate same qty in two different ways and they should be equal
Example : ∑ gross pay - ∑deductions = ∑net pay
• RELATIONSHIP CHECK –We know relation between variable. Example : Rebate total = ∑Sales * discount percent
• CHECKPOINT RESTART – Periodical storing of process state. If there is a failure roll back to saved state and restart computation.
• CHECK POINTS also useful to check intermediate results in long and complex calculations. Region where an error occurred can thus be isolated
Comments
Post a Comment