Processing Integrity and Availability Controls
Chapter 10
Copyright © 2015 Pearson Education, Inc.
10-1
Learning Objectives
•
Identify and explain controls designed to ensure processing integrity.
•
Identify and explain controls designed to ensure systems availability.
Copyright © 2015 Pearson Education, Inc.
10-2
Processing Integrity Controls
•
Input
▫
Forms design
▫
Sequentially prenumbered
Turnaround documents
Copyright © 2015 Pearson Education, Inc.
10-3
Processing Integrity: Data Entry Controls
•
Field check
▫
•
•
Limit check
▫
•
Data in a field is appropriate sign (positive/negative)
▫
•
•
Tests numerical amount against lower and upper limits
Verifies that all required data is entered
Validity check
▫
Compares data from transaction file to that of master file to verify
existence
•
Reasonableness test
▫
•
Correctness of logical relationship between two data items
Check digit verification
▫
Copyright © 2015 Pearson Education, Inc.
Input data fits into the field
Completeness check
▫
Tests numerical amount against a fixed value
Range check
Size check
▫
Characters in a field are proper type
Sign check
▫
•
Recalculating check digit to verify data entry error has not been made
10-4
Additional Data Entry Controls
•
Batch processing
▫
Test of batch data in proper numerical or alphabetical sequence
Batch totals
Summarize numeric values for a batch of input records
Financial total
Prompting
▫
Sequence check
▫
•
•
System prompts you for input (online completeness check)
Closed-loop verification
▫
Checks accuracy of input data by using it to retrieve and display other
related information (e.g., customer account # retrieves the customer
name)
Hash total
Record count
Copyright © 2015 Pearson Education, Inc.
10-5
Processing Controls
•
Data matching
•
File labels
•
Recalculation of batch totals
▫
▫
Two or more items must be matched before an action takes place
•
Cross-footing
▫
Ensures correct and most updated file is used
Verifies accuracy by comparing two alternative ways of calculating the
same total
•
Zero-balance tests
▫
•
Write-protection mechanisms
▫
•
For control accounts (e.g., payroll clearing)
Protect against overwriting or erasing data
Concurrent update controls
▫
Prevent error of two or more users updating the same record at the same
time
Copyright © 2015 Pearson Education, Inc.
10-6
Output Controls
•
•
User review of output
Reconciliation
▫
Procedures to reconcile to control reports (e.g., general ledger A/R account reconciled to Accounts Receivable Subsidiary
Ledger)
▫
•
External data reconciliation
Data transmission controls
Copyright © 2015 Pearson Education, Inc.
10-7
Availability Controls
•
•
Preventive maintenance
•
Raised floor
Fire suppression
▫
•
Copyright © 2015 Pearson Education, Inc.
Procedures to restore organization’s IT function
Uninterruptible power supply (UPS)
Patch management and antivirus software
Copies all changes made since last full backup
Disaster recovery plan (DRP)
▫
•
Copies only items that have changed since last partial backup
Differential backup
Air conditioning
Surge protection
Incremental
Use of redundant components
Data center location and design
▫
▫
▫
▫
▫
Backup procedures
▫
Fault tolerance
▫
•
•
Cold site
Hot site
Business continuity plan (BCP)
▫
How to resume all operations, not just IT
10-8
Key Terms
•
•
•
•
•
•
•
•
•
•
•
Turnaround document
Field check
Sign check
Limit check
Range check
Size check
Completeness check
Validity check
Reasonableness test
Check digit
Check digit verification
Copyright © 2015 Pearson Education, Inc.
•
•
•
•
•
•
•
•
•
•
•
•
Sequence check
Batch totals
Financial total
Hash total
Record count
Prompting
Closed-loop verification
Header record
Trailer record
Transposition error
Cross-footing balance test
Zero-balance test
10-9
Key Terms (continued)
•
•
•
•
•
•
•
•
•
Concurrent update controls
Checksum
Parity bit
Parity checking
Fault tolerance
Redundant arrays of independent drives (RAID)
Uninterruptible power supply (UPS)
Backup
Recovery point objective (RPO)
Copyright © 2015 Pearson Education, Inc.
•
•
•
•
•
•
•
•
•
•
Recovery time objective (RTO)
Real-time mirroring
Full backup
Incremental backup
Differential backup
Archive
Disaster recovery plan (DRP)
Cold site
Hot site
Business continuity plan (BCP)
10-10