Session 17-18. Course: A0214/Information Systems Audit. Year: 2007.

Bina Nusantara APPLICATION RISK AND CONTROLS

Application Risks
- Weak security
- Unauthorized access to data
- Unauthorized remote access
- Inaccurate information
- Erroneous or falsified data input
- Misuse by authorized end users
- Incomplete processing
- Duplicate transactions
- Untimely processing
- Communications system failure
- Inadequate training
- Inadequate support

End User Computing (EUC) Application Risks
- Inefficient use of resources
- Incompatible systems
- Redundant systems
- Ineffective implementations
- Absence of separation of duties
- Unauthorized access to data or programs
- Copyright violations
- The destruction of information by computer viruses

Electronic Data Interchange (EDI) Application Risks
- Loss of Business Continuity / Going Concern Problem
- Interdependence
- Loss of confidentiality or sensitive information
- Increased exposure to fraud
- Manipulation of payment
- Loss of transactions

Electronic Data Interchange (EDI) Application Risks
- Errors in information and communication systems
- Loss of audit trail
- Concentration of control
- Application failure
- Potential legal liability
- Overcharging by third party service providers
- Manipulation of organization
- Not achieving anticipated cost savings

Implications of risks in an EDI system
- Potential loss of transaction audit trail
- Increased exposure to ransom, blackmail, or fraud
- Disruption of cash flows
- Loss of profitability
- Damage to reputation
- Financial collapse

Application Controls
- Input Controls
- Interfaces
- Authenticity
- Accuracy
- Processing controls
- Completeness

Application Controls
- Error correction
- Output controls
- Reconciliation
- Distribution
- Retention
- Functional Testing and Acceptance
- Management Approval

Documentation Requirements
- Standards and descriptions of procedures
- Instructions to personnel
- Flowcharts
- Data flow diagrams
- Display or report layout
- Other materials that describe the systems

Application Software Life Cycle
- System Development Methodology
  - An information systems strategy that guides developers in building systems that are consistent with the organization's technical and operational goals
  - Standards that guide in selection of hardware, software, and in developing new systems
  - Policies and procedures that support the organization's goals and objectives
  - Project management which ensures that projects are completed on time and within budget
- User Interface
  - Means by which the user interacts with the system

Application Maintenance
- Corrective maintenance
  - Emergency program fixes and routine debugging
- Adaptive maintenance
  - Accommodation of change
- Perfective maintenance
  - User enhancements
  - Improve documentation
  - Recoding for efficiency