Accounting Information Systems Ch. 10
Availability Key Controls
-Preventive maintenance -Fault tolerance -data center location and design -Training -patch management -antivirus software -back up procedures -disaster recovery plan (DRP) -business contingency plan (BCP)
Online Data Entry Controls
-Prompting -Closed loop verification -Transaction log
OUTPUT CONTROLS
-User review of output -Reconciliation procedures -External data reconciliation (Checksums, Parity bits)
Availability
1. To minimize system downtime 2. Quick and complete recovery and resumption of normal operations
Zero-balance test (processing controls)
A processing control that verifies that the balance of a control account equals zero after all entires to it have been made
Turn Around Documents (Internal Control)
A record of company data sent to an external party and then returned by external party for subsequent input into the system
Prompting
An online data completeness check that requests each required item of input data and then waits for an acceptable response before requesting the next required item
Trailer Record (processing controls)
Appears at the end of file; in transaction files, the trailer record contains batch total calculated during input
Fault Tolerance (minimizing risk of downtime)
Capability of systems to continue performing when there is a hardware malfunction
Concurrent update controls (processing controls)
Controls that lock out users to protect individual records from errors that could occur if multiple users attempted to update the same record simultaniously
Archive
Copy of data base master file or software that is retained indefinelty as a historical record usually to satisfy legal and regulation requirements
PROCESSING CONTROLS for integrity
Data matching File labels Recalculation of batch totals Cross-footing and zero balance test Write protection mechanisms Concurrent updated controls
Checksum (Output Control)
Data transmission control that uses a hash of a file to verify accuray
Transaction log
Detailed record of all transactions, including unique transaction identifier, date and time of entry, and who entered the transaction
Hot Site
Disaster recovery option that relies on access to a completely operational alternative data center that is not only prewired but that it also contains all necessary software and hardware
Cold Site
Disaster recovery option that relies on access to alternative facility that is prewired for necessary telephone and internet access but does not contain any computer equipment
Resonableness Check (data entry control)
Edit Check of logical correctness of relationships among data items
Sequence Check (data entry control)
Edit check that determines if a batch of input data is in the proper numerical or alphabetical order
Limit Check (data entry control)
Edit check that tests numerical amount against fixed value
Field Check (data entry control)
Edit check that tests weather characteristics in field are correct field type. Example: Numbers in numeric field
Range Check (data entry control)
Edit check that tests weather data item falls between predetermined upper and lower litmits
Sign Check (data entry control)
Edit check that verifies that the data in a field have the appropriate arithmetic sign
Size Check (data entry control)
Edit field that ensures input data will fit in assigned field
Completeness Check (data entry control)
Edit field that verifies all data requiered have been enetered
Validity Check (data entry control)
Edit test that compares ID code or account umber in transaction data with similar data in the master file to verify account exists
Transposition Error (processing controls)
Error that results when numbers in two adjacent columns are inadvertently exchanged. Example: 64 written as 46
Parity Bit (Output Control)
Extra bit added to every character used to check transmission accurracy
Redundant Array of Independent Drivers (RAID) (minimizing risk of downtime)
Fault tolerance technique that records data on multiple disk drivers instead of just one to reduce risk of data loss
3 Commonly used batch totals
Financial Total Hash Total Record Count
Check Digit (data entry control)
ID numbers (such as employee numbers) can contain a check digit computed from other digits
Application Controls for Processing Integrity
Input (data entry controls) Processing Output
Closed-loop verification
Input validation method that uses data entered into the system to retrieve and display other related information so data entry person can verify the accuracy of input data
Real time mirroring
Maintaining complete copies of database at two separate data centers and updating updating both companies in real time
Recovery time Objective
Max time tolerance to restore an organization information system following a disaster
Defferential back up
Partial back up that involves copying all changes made since last full back up
Disaster recovery plan (DRP)
Plan to restore organizations IT capability in the event that its data center is destroyed
Check digit verification (data entry control)
Recalculating a check digit to verify that a data entry error has not been made
Form Designs (Input Control)
Source documents pre-numbered to make sure no documents are missing.
Hash total
Summing values for a field that would not usually be totaled
Parity Checking (Output Control)
The receiving device recalculates the parity bit to verify accuracy of transmitted data
Batch Totals (data entry control)
The sum of a numerical item for a batch of documents, calculated prior to processing batch when the data are entered and subsequently compared with computer-generated totals after each processing step to very that the data was processed correctly
Financial Total
Type of batch total that equals the sum of a field that contains a monetary value
Header Record (processing controls)
Type of internal label that appears at the beginning of a file, and contains the file name. Example date and other file ID information
Incremental back up
Type of partial back up that involves copying only data items that have been changed since last partial back up
Cross-footing balance test (processing controls)
Verifies accuracy by comparing two alternative ways of calculating same total
Recovery point objective (RPO)
amount of data organization is willing to reenter or potentially lose
Record count
batch total that equals the number of records processed at a given time
