Audit in A CIS Environment 2
Audit in A CIS Environment 2
Audit in A CIS Environment 2
For each type of control (A. IT Application Control, B. IT General Control), provide (1) Definition of the control type, (2) one
sample control design and (3) the possible corresponding test/s for the control.
A. IT Application Controls
Integrity Controls These controls monitor Access to update allocated Review access to set and
data being processed and rights to senior users amend master files and
in storage with to ensure it based on their roles and standing data.
remains consistent and need to use the
correct. application.
Management Trail Often referred as “Audit Controls are designed and Verify processing audit
Trail”, enables operating effectively to trails and logs exist that
management to identify ensure than an audit trail is assure all records have
transactions and events generated and maintained been processed and allow
they record by tracking for all transactional data. for tracing of the
transactions from their transaction from input to
source to their output and storage and output.
by tracing backward.
Auditing in a CIS Environment
A. IT General Controls
IT General Controls (1) Definition (2) Control Design (3) How to test
Program change Implementing a change Change Management
management management program Controls:
means assigning Review or assess change
responsibility for the A formal process for management procedures
various change activities proper change and validate that
involved in implementing management is in place. procedures followed.
new technology solutions.