Accounting 409 Chapter 10
Authorized ID Numbers
Authorized ID numbers can contain a check digit that is computed from the other digits. Data entry devices can then be programmed to perform check digit verification.
Avoiding System Downtime
Avoiding system downtime: • Preventative maintenance • Fault tolerance (redundant hardware) • Data center location and design • Training • Patch management and antivirus software
Cancellation of Storage and Source Documents
Cancellation and storage of source documents: source documents that haven entered into the system should be canceled so they cannot be inadvertently or fraudulently reentered into the system.
Data Entry Controls
Data entry controls: Source documents should be scanned for reasonableness and propriety before being entered into the system. However this manual control must be supplemented with automated data entry controls: Field Check, Sign Check, Limit Check, Range Check, Size Check, Completeness Check/Test, Validity Check, Reasonableness Check/Test, Authorized ID numbers
External Data Reconciliation
Database totals should periodically be reconciled with data maintained outside the system.
Input Controls
Form Design, Cancellation and Storage, Data Entry
Form design
Form design: Source documents and other forms should be designed to minimize the chances for errors and omissions. Two particularly important forms design controls involve sequentially prenumbering source documents and using turnaround documents. • All source documents should be sequentially prenumbered. Prenumbering improves control by making it possible to verify that no documents are missing • A turnaround document is a record of company data sent to an external party and then returned by the external party for subsequent input to the system. Turnaround documents are prepared in machine-readable form to facilitate their subsequent processing as input records.
Data Transmission Controls
Organizations also need to implement controls designed to minimize the risk of data transmission errors. 1. Checksums: When data are transmitted, the sending device can calculate a hash of the file, called a checksum. 2. Party bits: Computers represent characters as a set of binary digits called bits. Party bit is an extra digit added to the beginning of every character that can be used to check transmission accuracy. The receiving device performs parity checking, which entails verifying that the proper number of bits are set to the value 1 in each character received.
Reconciliation Procedures
Periodically, all transactions and other system updates should be reconciled to control reports, file status/update reports, or other control mechanisms.
Processing Controls
Processing controls: Controls are also needed to ensure that data is processed correctly. Examples: Data matching, File labels, The header record, The trailer record, Recalculation of batch totals, Cross-footing and zero-balance tests, Write-protection mechanisms, Concurrent update controls
Recovery of Normal Operations
Recovery of normal operations • Backup procedures • Disaster recovery plan (IT-specific) • Business continuity plan (IT independent) • Regular TESTING of plans and procedures is a key control
Output Controls
User review of output, Reconciliation procedures, External Data Reconciliation, Data transmission controls
User Review of output
Users should carefully examine system output to verify that it is reasonable, that it is complete, and that they are the intended recipients.
Financial Total
o A financial total sums a filed that contains monetary values, such as a total dollar amount of all sales for a batch of sales transactions
Hash Total
o A hash total sums a nonfinancial numeric fields, such as the total of the quantity-or-dered field in a batch of sales transactions.
Record Count
o A record count is the number of records in a batch.
Completeness Check/Test
• A completeness check (or test) verifies that all required data items have been entered.
Field Check
• A field check determines whether the characters in a field are of the proper type.
Limit Check
• A limit check tests a numerical amount against a fixed value.
Range Check
• A range check tests whether a numerical amount falls between predetermined lower and upper limits.
Reasonableness Test
• A reasonableness test determines the correctness of the logical relationship between two data items.
Sign Check
• A sign check determines whether the data in a field have the appropriate arithmetic sign.
Size Check
• A size check ensures that the input data will fit into the assigned filed.
Transaction Log
• A transaction log includes a detailed record of all transactions, including a unique transaction identifier, the date and time of entry, and who entered the transaction. If an online file is damaged, the transaction log can be used to reconstruct the file. If a malfunction temporarily shuts down the system, the transaction log can be used to ensure that transactions are not lost or entered twice.
Validity Check
• A validity check compares the ID code or account number in transaction data with similar data in the master file to verify that the account exists.
Additional batch processing data entry controls:
• Batch processing works more efficiently if the transactions are sorted so that the accounts affected are in the same sequence as records in the master file. A sequence check tests whether a batch of input data is in the proper numerical or alphabetical sequence. • An error log that identifies data input errors facilitates timely review and resubmission of transactions that cannot be processed.
Batch total
• Batch totals summarize numeric values for a batch of input records:
Closed-Loop Verification
• Closed-loop verification checks the accuracy of input data by using it to retrieve and display other related information.
Prompting
• Prompting, in which the system requests each input data item and waits for an acceptable response, ensures that all necessary data are entered (i.e., prompting is an online completeness check).
