Chapter 7 Controlling Information Systems:


1 Chapter 7 Controlling Information Systems: Introduction to Internal Control

2 Learning Objectives
Purpose of adequate internal control
Organizational/IT management control systems
Relationship between ethics & sound internal control
Be familiar w/ fraud, computer fraud/abuse
Understanding of operations process and information process control goals
Describe major categories of control plans

3 Why Controls?
To ensure attainment of objectives
To lessen risks of unwanted outcomes
Heightened awareness of scandals
Emphasis by s/h on corporate governance
Management’s legal responsibilities
Highly publicized management and employee fraud

4 Common Business Exposures
Erroneous recordkeeping
Unacceptable accounting
Business interruption
Erroneous management decisions
Fraud and embezzlement
Statutory sanctions
Excessive costs
Loss or destruction of resources
Competitive disadvantage

5 Fraud and Control
Fraud: deliberate act or untruth intended to obtain unfair or unlawful gain.
Management charged with responsibility to prevent and/or disclose fraud.
Control systems enable management to do this job

6 AICPA definition of Internal Control
SAS 78 (1995) - adopted COSO definition:
INTERNAL CONTROL is a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
Effectiveness & efficiency of operations
Reliability of financial reporting
Compliance with applicable laws & regulations

7 Five Interrelated Components of Internal Control
1. Control environment - tone at the top
2. Risk assessment - identification/analysis of risks
3. Control activities - policies and procedures
4. Information & communication - processing of info to enable people to do their jobs
5. Monitoring - process that assesses quality of internal control over time

8 Gelinas/Sutton’s Working Definition of IC
…a system of integrated elements - people, structure, processes, and procedures - acting together to provide reasonable assurance that an organization achieves business process goals. The design and operation of the internal control system is the responsibility of top management and therefore should:

9 (cont.)
Reflect management’s careful assessment of risks.
Be based on management’s evaluation of costs versus benefits.
Be built on management’s strong sense of business ethics and personal integrity.

10 General Control Model
[Figure: General Control Model. Labels: Observe actual state of system; Document actual state of system; Evaluate system; Recommend changes to system; Observations; Documentation; Evaluation; Recommendations; Goals & plans; Desired state of system]

11 Ethics and Controls
COSO report stresses ethics as part of control environment (tone at the top)
AICPA has built ethics issues into CPA exam
Internal Auditing has ethics articles
Many corporations have developed Code of Conduct

12 Business Process Control Goals & Control Plans
Goals - ends to be obtained
  operations process
  information process
Plans - means to ensure that goals are attained

13 Effectiveness/Efficiency
Effectiveness: measure of success in meeting established goals
  For an audit - performing audit in accordance with generally accepted auditing standards
Efficiency: measures of productivity of resources applied to goals
  For an audit - performing a generally accepted auditing standards audit with minimum chargeable hours

14 Generic Control Goals
Operations process goals:
  Ensure effectiveness of operations
  Ensure efficient employment of resources
  Ensure security of resources

15 Generic Control Goals (cont.)
Information process goals:
For transaction inputs, ensure
  Input validity
  Input completeness
  Input accuracy
For master data, ensure
  update completeness
  update accuracy

16 Control Goals of Operations Process
Ensure effectiveness of operations
  ensure operations process is fulfilling its purpose
  satisfying critical success factors
Ensure efficient employment of resources
  prevent unnecessary waste of resources
  accomplish goals w/ minimum deployment of resources
Ensure security of resources
  Lock the door
  Lock the computer door (access codes/passwords)

17 Control Goals of Info Process
For transaction data (temporary; used to update)
  Input validity (approved/authorized)
  Input completeness (all valid captured/entered)
  Input accuracy (correct data entered correctly)
For master data (permanent; update by trans data)
  Update completeness (all data entered update master)
  Update accuracy (data entered reflected accurately in master)

18

19 Control Plans
Information processing policies and procedures that assist in accomplishing control goals
  Control environment
  Pervasive control plans
  Application control plans

20 Overall policies & Procs. Demonstrate commitment to control
Control Environment
  Overall policies & Procs.
  Demonstrate commitment to control
  Corporate ethics; “Tone at the top”
Pervasive Control Plans
  Address multiple goals & apply to all applications
  Access to systems; fidelity bonds.
Application Control Plans
  Relate to specific subsystems or to technology used
  Edit checks; Batch totals

21 Control Plans - other classifications
Preventive
Detective
Corrective
_______________________________
Discretionary/Nondiscretionary
Voluntary/Mandatory
General/Application

22 Learning Objectives
Purpose of adequate internal control
Organizational/IT management control systems
Relationship between ethics & internal control
Be familiar w/ fraud, computer fraud/abuse
Understanding of operations process and information process control goals
Describe major categories of control plans

