SlideShare uma empresa Scribd logo

Internal controls in an IT environment

Chris Nicole Apat-Orcullo, CPA
Chris Nicole Apat-Orcullo, CPA

Application Controls

TecnologiaNegócios
1 de 18
Baixar para ler offline
Internal Controls in an IT Environment
What are Internal Controls? • It is comprised of policies, practices and procedures employed by the organization to achieve four (4) broad objectives: – To safeguard assets of the firm – To ensure the accuracy and reliability of accounting records and information – To promote efficiency of the firm’s operations – To measure compliance with management’s prescribed policies and procedures
Modifying Principles of Internal Control • • • • Management Responsibility Methods of Data Processing Limitations Reasonable Assurance
Limitations of Internal Control 1. 2. 3. 4. Possibility of error Circumventions Management Override Changing conditions
PDC Model Preventive, Detective and Corrective Controls
Preventive Controls • First line of defense • Passive techniques designed to reduce the frequency of occurrence of undesirable events. • Example is a well-designed data screen – only valid entries and user-defined fields are entered.
Detective Controls • Are devices, techniques and procedures designed to identify and expose undesirable events that elude preventive controls. • Example – alert that the amount entered as DEBIT in the system does not equal the CREDIT entered, vice versa
Corrective Control • The “fix.” • Example – adjusting entries to erroneous accounts used in entering in the journal entry.
COSO INTERNAL CONTROL FRAMEWORK
What is COSO? • Stands for “Committee of Sponsoring Organizations of the Treadway Commission.” • Included the following organizations: – Financial Executives International (FEI) – Institute of Management Accountants (IMA) – American Accounting Association (AAA) – AICPA – IIA
THE COSO INTERNAL FRAMEWORK
The Control Environment – Integrity and ethical values of management – Organizational structure – BOD and Audit Committee participation – Management philosophy and operating style – External influences – HR policies and practices
Risk Assessment – Changes in operating environment – New personnel – New/re-engineered systems – Significant and rapid growth – Introduction of new product lines or activities – Organizational restructuring – Entrance to foreign markets – Adoption of new accounting principle(s)
Information and Communication – Identify and record all valid financial information. – Provide timely information about transactions in sufficient detail to permit proper classification and financial reporting. – Accurately measure the financial value of transactions so their effects can be recorded in financial statements. – Accurately record transactions in the proper time period.
Monitoring – Process by which the quality of internal control design and operation can be assessed.
Control Activities • Physical controls  relates primarily to the human activities employed in accounting systems.  the six (6) categories of physical controls are:       Transaction authorization Segregation of duties Supervision Accounting records Access control Independent verification
• IT Controls – Application  Ensures validity, completeness, and accuracy of financial transactions.  Examples include: limit checks, check digits, batch balancing techniques.
– General  Also known as General Computer Controls, Information Technology Controls  Include controls over IT governance, IT infrastructure, security and access to operating systems and databases, application acquisition and development and program change procedures

Recomendados

Audit of the acquisition and payment cycle
Audit of the acquisition and payment cycleAudit of the acquisition and payment cycle
Audit of the acquisition and payment cyclesellyhood
 
Audit sampling
Audit samplingAudit sampling
Audit samplingHeickal Pradinanta
 
Internal controls
Internal controlsInternal controls
Internal controlsGeetali Tare
 
DPA 3043(AUDITING)-CHAPTER 6:Materiality and Risk
DPA 3043(AUDITING)-CHAPTER 6:Materiality and RiskDPA 3043(AUDITING)-CHAPTER 6:Materiality and Risk
DPA 3043(AUDITING)-CHAPTER 6:Materiality and Risknorliza muhamad
 
Audit sampling for tests of controls and substantive tests of transactions
Audit sampling for tests of controls and substantive tests of transactionsAudit sampling for tests of controls and substantive tests of transactions
Audit sampling for tests of controls and substantive tests of transactionsbagarza
 
Internal control
Internal controlInternal control
Internal controliPleaders - Re-engineering Legal education, New Delhi
 
Audit procedures
Audit proceduresAudit procedures
Audit proceduresBilal Ahmed Bhatti
 
Audit & Assurance
Audit & Assurance Audit & Assurance
Audit & Assurance Md. Mehadi Hassan Bappy
 

Recomendados

Audit of the acquisition and payment cycle
Audit of the acquisition and payment cycleAudit of the acquisition and payment cycle
Audit of the acquisition and payment cyclesellyhood
 
Audit sampling
Audit samplingAudit sampling
Audit samplingHeickal Pradinanta
 
Internal controls
Internal controlsInternal controls
Internal controlsGeetali Tare
 
DPA 3043(AUDITING)-CHAPTER 6:Materiality and Risk
DPA 3043(AUDITING)-CHAPTER 6:Materiality and RiskDPA 3043(AUDITING)-CHAPTER 6:Materiality and Risk
DPA 3043(AUDITING)-CHAPTER 6:Materiality and Risknorliza muhamad
 
Audit sampling for tests of controls and substantive tests of transactions
Audit sampling for tests of controls and substantive tests of transactionsAudit sampling for tests of controls and substantive tests of transactions
Audit sampling for tests of controls and substantive tests of transactionsbagarza
 
Internal control
Internal controlInternal control
Internal controliPleaders - Re-engineering Legal education, New Delhi
 
Audit procedures
Audit proceduresAudit procedures
Audit proceduresBilal Ahmed Bhatti
 
Audit & Assurance
Audit & Assurance Audit & Assurance
Audit & Assurance Md. Mehadi Hassan Bappy
 
Lecture 9, Chapter 13, Audit Sampling
Lecture 9, Chapter 13, Audit SamplingLecture 9, Chapter 13, Audit Sampling
Lecture 9, Chapter 13, Audit SamplingSazzad Hossain, ITP, MBA, CSCA™
 
Topic 10 audit of payroll cycle (1)
Topic 10 audit of payroll cycle (1)Topic 10 audit of payroll cycle (1)
Topic 10 audit of payroll cycle (1)sakura rena
 
Auditing Chapter 2
Auditing Chapter 2Auditing Chapter 2
Auditing Chapter 2aaykhan
 
Lecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reportsLecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reportsSazzad Hossain, ITP, MBA, CSCA™
 
9. audit evidence
9. audit evidence9. audit evidence
9. audit evidenceSyed Osama Rizvi
 
ISA 315
ISA 315ISA 315
ISA 315varuna177
 
Chapter 2 internal control
Chapter 2 internal controlChapter 2 internal control
Chapter 2 internal controlDr Manu H Natesh
 
General Ledger and Financial Reporting System (GLFRS)
General Ledger and Financial Reporting System (GLFRS)General Ledger and Financial Reporting System (GLFRS)
General Ledger and Financial Reporting System (GLFRS)Osareme Erhomosele
 
Topic 5 audit evidence and auditing procedure
Topic 5 audit evidence and auditing procedureTopic 5 audit evidence and auditing procedure
Topic 5 audit evidence and auditing proceduresakura rena
 
Auditing in a computer environment copy
Auditing in a computer environment copyAuditing in a computer environment copy
Auditing in a computer environment copySaleh Rashid
 
Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessmentcasahiljain1992
 
Lecture 11, Chapter 18, Completing the audit
Lecture 11, Chapter 18, Completing the auditLecture 11, Chapter 18, Completing the audit
Lecture 11, Chapter 18, Completing the auditSazzad Hossain, ITP, MBA, CSCA™
 
Topic 10 audit of payroll cycle
Topic 10 audit of payroll cycleTopic 10 audit of payroll cycle
Topic 10 audit of payroll cyclesakura rena
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Sazzad Hossain, ITP, MBA, CSCA™
 
Generalized audit-software
Generalized audit-softwareGeneralized audit-software
Generalized audit-softwarekzoe1996
 
planning process in audit ppt
planning process in audit pptplanning process in audit ppt
planning process in audit pptKunalPatel257
 
Internal control lecture notes (DAC 401: Principles and practices of auditing)
Internal control lecture notes (DAC 401: Principles and practices of auditing)Internal control lecture notes (DAC 401: Principles and practices of auditing)
Internal control lecture notes (DAC 401: Principles and practices of auditing)Warui Maina
 
Trial Balance its error and its rectification
Trial Balance its error and its rectificationTrial Balance its error and its rectification
Trial Balance its error and its rectificationDivyank Raj Pathak
 
Introduction to computerised accounting
Introduction to computerised accountingIntroduction to computerised accounting
Introduction to computerised accountingItisha Sharma
 
Chapter 7 Payroll & Personnel Cycle
Chapter 7 Payroll & Personnel CycleChapter 7 Payroll & Personnel Cycle
Chapter 7 Payroll & Personnel CycleNina Ellina
 
Internal control
Internal controlInternal control
Internal controlSALIH AHMED ISLAM
 
Internal Control
Internal ControlInternal Control
Internal ControlSalih Islam
 

Mais conteúdo relacionado

Mais procurados

Topic 10 audit of payroll cycle (1)
Topic 10 audit of payroll cycle (1)Topic 10 audit of payroll cycle (1)
Topic 10 audit of payroll cycle (1)sakura rena
 
Auditing Chapter 2
Auditing Chapter 2Auditing Chapter 2
Auditing Chapter 2aaykhan
 
Lecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reportsLecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reportsSazzad Hossain, ITP, MBA, CSCA™
 
Chapter 2 internal control
Chapter 2 internal controlChapter 2 internal control
Chapter 2 internal controlDr Manu H Natesh
 
General Ledger and Financial Reporting System (GLFRS)
General Ledger and Financial Reporting System (GLFRS)General Ledger and Financial Reporting System (GLFRS)
General Ledger and Financial Reporting System (GLFRS)Osareme Erhomosele
 
Topic 5 audit evidence and auditing procedure
Topic 5 audit evidence and auditing procedureTopic 5 audit evidence and auditing procedure
Topic 5 audit evidence and auditing proceduresakura rena
 
Auditing in a computer environment copy
Auditing in a computer environment copyAuditing in a computer environment copy
Auditing in a computer environment copySaleh Rashid
 
Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessmentcasahiljain1992
 
Topic 10 audit of payroll cycle
Topic 10 audit of payroll cycleTopic 10 audit of payroll cycle
Topic 10 audit of payroll cyclesakura rena
 
Generalized audit-software
Generalized audit-softwareGeneralized audit-software
Generalized audit-softwarekzoe1996
 
planning process in audit ppt
planning process in audit pptplanning process in audit ppt
planning process in audit pptKunalPatel257
 
Internal control lecture notes (DAC 401: Principles and practices of auditing)
Internal control lecture notes (DAC 401: Principles and practices of auditing)Internal control lecture notes (DAC 401: Principles and practices of auditing)
Internal control lecture notes (DAC 401: Principles and practices of auditing)Warui Maina
 
Trial Balance its error and its rectification
Trial Balance its error and its rectificationTrial Balance its error and its rectification
Trial Balance its error and its rectificationDivyank Raj Pathak
 
Introduction to computerised accounting
Introduction to computerised accountingIntroduction to computerised accounting
Introduction to computerised accountingItisha Sharma
 
Chapter 7 Payroll & Personnel Cycle
Chapter 7 Payroll & Personnel CycleChapter 7 Payroll & Personnel Cycle
Chapter 7 Payroll & Personnel CycleNina Ellina
 

Mais procurados (20)

Lecture 9, Chapter 13, Audit Sampling
Lecture 9, Chapter 13, Audit SamplingLecture 9, Chapter 13, Audit Sampling
Lecture 9, Chapter 13, Audit Sampling
 
Topic 10 audit of payroll cycle (1)
Topic 10 audit of payroll cycle (1)Topic 10 audit of payroll cycle (1)
Topic 10 audit of payroll cycle (1)
 
Auditing Chapter 2
Auditing Chapter 2Auditing Chapter 2
Auditing Chapter 2
 
Lecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reportsLecture slide ,chapter 6, Overview of the audit of financial reports
Lecture slide ,chapter 6, Overview of the audit of financial reports
 
9. audit evidence
9. audit evidence9. audit evidence
9. audit evidence
 
ISA 315
ISA 315ISA 315
ISA 315
 
Chapter 2 internal control
Chapter 2 internal controlChapter 2 internal control
Chapter 2 internal control
 
General Ledger and Financial Reporting System (GLFRS)
General Ledger and Financial Reporting System (GLFRS)General Ledger and Financial Reporting System (GLFRS)
General Ledger and Financial Reporting System (GLFRS)
 
Topic 5 audit evidence and auditing procedure
Topic 5 audit evidence and auditing procedureTopic 5 audit evidence and auditing procedure
Topic 5 audit evidence and auditing procedure
 
Auditing in a computer environment copy
Auditing in a computer environment copyAuditing in a computer environment copy
Auditing in a computer environment copy
 
Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessment
 
Lecture 11, Chapter 18, Completing the audit
Lecture 11, Chapter 18, Completing the auditLecture 11, Chapter 18, Completing the audit
Lecture 11, Chapter 18, Completing the audit
 
Topic 10 audit of payroll cycle
Topic 10 audit of payroll cycleTopic 10 audit of payroll cycle
Topic 10 audit of payroll cycle
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
 
Generalized audit-software
Generalized audit-softwareGeneralized audit-software
Generalized audit-software
 
planning process in audit ppt
planning process in audit pptplanning process in audit ppt
planning process in audit ppt
 
Internal control lecture notes (DAC 401: Principles and practices of auditing)
Internal control lecture notes (DAC 401: Principles and practices of auditing)Internal control lecture notes (DAC 401: Principles and practices of auditing)
Internal control lecture notes (DAC 401: Principles and practices of auditing)
 
Trial Balance its error and its rectification
Trial Balance its error and its rectificationTrial Balance its error and its rectification
Trial Balance its error and its rectification
 
Introduction to computerised accounting
Introduction to computerised accountingIntroduction to computerised accounting
Introduction to computerised accounting
 
Chapter 7 Payroll & Personnel Cycle
Chapter 7 Payroll & Personnel CycleChapter 7 Payroll & Personnel Cycle
Chapter 7 Payroll & Personnel Cycle
 

Semelhante a Internal controls in an IT environment

Internal Control
Internal ControlInternal Control
Internal ControlSalih Islam
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Hendri Eka Saputra
 
Accounting system and control
Accounting system and controlAccounting system and control
Accounting system and controlRaziya Hameed
 
8. Business achieving & organizational control
8. Business achieving & organizational control 8. Business achieving & organizational control
8. Business achieving & organizational control Sudhir Upadhyay
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Red Flag Reporting - Organizational Level Controls
Red Flag Reporting - Organizational Level ControlsRed Flag Reporting - Organizational Level Controls
Red Flag Reporting - Organizational Level ControlsSmith-Howard
 
Internal control.. control env
Internal control.. control envInternal control.. control env
Internal control.. control envPhillys Sebastiane
 
Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)Hisyam
 
UNCCInternalControls.pptx
UNCCInternalControls.pptxUNCCInternalControls.pptx
UNCCInternalControls.pptxAral20101
 
Internal Audit - A Comprehensive Risk Management tool
Internal Audit - A Comprehensive Risk Management toolInternal Audit - A Comprehensive Risk Management tool
Internal Audit - A Comprehensive Risk Management toolRamesh Verma
 
Internal audits role in compliance
Internal audits role in complianceInternal audits role in compliance
Internal audits role in complianceSalih Islam
 
Emerging Contractors Mitigating Control Risk
Emerging Contractors Mitigating Control Risk Emerging Contractors Mitigating Control Risk
Emerging Contractors Mitigating Control Risk Marie Pagnotta
 
Value-added it auditing
Value-added it auditingValue-added it auditing
Value-added it auditingMarc Vael
 

Semelhante a Internal controls in an IT environment (20)

Internal control
Internal controlInternal control
Internal control
 
Internal Control
Internal ControlInternal Control
Internal Control
 
1auditconcepts
1auditconcepts1auditconcepts
1auditconcepts
 
Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)Control and audit of information System (hendri eka saputra)
Control and audit of information System (hendri eka saputra)
 
Accounting system and control
Accounting system and controlAccounting system and control
Accounting system and control
 
8. Business achieving & organizational control
8. Business achieving & organizational control 8. Business achieving & organizational control
8. Business achieving & organizational control
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Red Flag Reporting - Organizational Level Controls
Red Flag Reporting - Organizational Level ControlsRed Flag Reporting - Organizational Level Controls
Red Flag Reporting - Organizational Level Controls
 
Internal control.. control env
Internal control.. control envInternal control.. control env
Internal control.. control env
 
Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)
 
UNCCInternalControls.pptx
UNCCInternalControls.pptxUNCCInternalControls.pptx
UNCCInternalControls.pptx
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
Chapter 7
Chapter 7Chapter 7
Chapter 7
 
Internal Audit - A Comprehensive Risk Management tool
Internal Audit - A Comprehensive Risk Management toolInternal Audit - A Comprehensive Risk Management tool
Internal Audit - A Comprehensive Risk Management tool
 
Internal audits role in compliance
Internal audits role in complianceInternal audits role in compliance
Internal audits role in compliance
 
Audit presentation
Audit presentationAudit presentation
Audit presentation
 
8. internal control new
8. internal control new8. internal control new
8. internal control new
 
Emerging Contractors Mitigating Control Risk
Emerging Contractors Mitigating Control Risk Emerging Contractors Mitigating Control Risk
Emerging Contractors Mitigating Control Risk
 
Value-added it auditing
Value-added it auditingValue-added it auditing
Value-added it auditing
 

Último

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 

Último (20)

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 

Internal controls in an IT environment

  • 1. Internal Controls in an IT Environment
  • 2. What are Internal Controls? • It is comprised of policies, practices and procedures employed by the organization to achieve four (4) broad objectives: – To safeguard assets of the firm – To ensure the accuracy and reliability of accounting records and information – To promote efficiency of the firm’s operations – To measure compliance with management’s prescribed policies and procedures
  • 3. Modifying Principles of Internal Control • • • • Management Responsibility Methods of Data Processing Limitations Reasonable Assurance
  • 4. Limitations of Internal Control 1. 2. 3. 4. Possibility of error Circumventions Management Override Changing conditions
  • 5. PDC Model Preventive, Detective and Corrective Controls
  • 6. Preventive Controls • First line of defense • Passive techniques designed to reduce the frequency of occurrence of undesirable events. • Example is a well-designed data screen – only valid entries and user-defined fields are entered.
  • 7. Detective Controls • Are devices, techniques and procedures designed to identify and expose undesirable events that elude preventive controls. • Example – alert that the amount entered as DEBIT in the system does not equal the CREDIT entered, vice versa
  • 8. Corrective Control • The “fix.” • Example – adjusting entries to erroneous accounts used in entering in the journal entry.
  • 10. What is COSO? • Stands for “Committee of Sponsoring Organizations of the Treadway Commission.” • Included the following organizations: – Financial Executives International (FEI) – Institute of Management Accountants (IMA) – American Accounting Association (AAA) – AICPA – IIA
  • 12. The Control Environment – Integrity and ethical values of management – Organizational structure – BOD and Audit Committee participation – Management philosophy and operating style – External influences – HR policies and practices
  • 13. Risk Assessment – Changes in operating environment – New personnel – New/re-engineered systems – Significant and rapid growth – Introduction of new product lines or activities – Organizational restructuring – Entrance to foreign markets – Adoption of new accounting principle(s)
  • 14. Information and Communication – Identify and record all valid financial information. – Provide timely information about transactions in sufficient detail to permit proper classification and financial reporting. – Accurately measure the financial value of transactions so their effects can be recorded in financial statements. – Accurately record transactions in the proper time period.
  • 15. Monitoring – Process by which the quality of internal control design and operation can be assessed.
  • 16. Control Activities • Physical controls  relates primarily to the human activities employed in accounting systems.  the six (6) categories of physical controls are:       Transaction authorization Segregation of duties Supervision Accounting records Access control Independent verification
  • 17. • IT Controls – Application  Ensures validity, completeness, and accuracy of financial transactions.  Examples include: limit checks, check digits, batch balancing techniques.
  • 18. – General  Also known as General Computer Controls, Information Technology Controls  Include controls over IT governance, IT infrastructure, security and access to operating systems and databases, application acquisition and development and program change procedures