Output controls

 ensure that system output is not

• lost,
• misdirected, or corrupted and
• that privacy is not violated.
 Exposures of this sort can cause serious disruptions
to operations and may result in financial losses to a firm
 If the privacy of certain types of output is violated, a firm
could have its business objectives compromised, or it
could even become legally exposed.
Examples of Privacy Exposures

 disclosure of trade
 secret patents pending
 marketing research results
 patient medical records
 The type of processing method in use influences the
choice of controls employed to protect system output.

 Batch systems are more susceptible to exposure and

require a greater degree of control than real-time systems.
Controlling Batch Systems Output
 Batch systems usually produce output in the form of hard
copy, which typically requires the involvement of
intermediaries in its production and distribution
 The output is removed from the printer by the computer
operator, separated into sheets and separated from other
reports, reviewed for correctness by the data control
clerk, and then sent through interoffice mail to the end
user
 Each stage in this process is a point of potential exposure
where the output could be reviewed, stolen, copied, or
misdirected.
Output Spooling
 In large-scale data-processing operations, output devices
such as line printers can become backlogged with many
programs simultaneously demanding these limited
resources.
 can cause a bottleneck, which adversely affects the through output
of the system.
 Applications waiting to print output occupy computer memory and
block other applications from entering the processing stream
 To ease this burden, applications are often designed to
direct their output to a magnetic disk file rather than to the
printer directly.
 A computer criminal may use this opportunity to
perform any of the following unauthorized acts:
 Access the output file and change critical data values
 Access the file and change the number of copies of
output to be printed
 Make a copy of the output file to produce illegal output
reports
 Destroy the output file before output printing takes place
 The auditor should be aware of these potential exposures
and ensure that proper access and backup procedures
are in place to protect output files.
Print Programs
 When the printer becomes available, the print run
program produces hard copy output from the output file.

 Print programs are often complex systems that require

operator intervention
Four common types of operator actions
1. Pausing the print program to load the correct type of
output documents (check stocks, invoices, or other
special forms).
2. Entering parameters needed by the print run, such as the
number of copies to be printed.
3. Restarting the print run at a prescribed checkpoint after a
printer malfunction.
4. Removing printed output from the printer for review and
distribution.
Two Types of Exposures

1. the production of unauthorized copies of output

2. employee browsing of sensitive data

 Some print programs allow the operator to specify more

copies of output than the output file calls for, which allows
for the possibility of producing unauthorized copies of
output
Bursting
 When output reports are removed from the printer, they
go to the bursting stage to have their pages separated
and collated
 the bursting clerk may make an unauthorized copy of the
report, remove a page from the report, or read sensitive
information
 Supervision - primary control against exposure
 For very sensitive reports- bursting may be performed by
the end user
Waste
 Computer output waste represents a potential exposure
 It is important to dispose of aborted reports and the
carbon copies from multipart paper removed during
bursting properly
 Computer waste is also a source of technical data, such
as passwords and authority tables, which a perpetrator
may use to access the firm’s data files
Data Control
 responsible for verifying the accuracy of computer output
before it is distributed to the user
 Data control clerk
• review the batch control figures for balance;
• examine the report body for garbled, illegible, and missing data;
• record the receipt of the report in data control’s batch control log
Report Distribution
 Primary risks associated with report distribution
reports being lost,
 stolen, or
 misdirected in transit to the user
 A number of control measures can minimize the
exposures
 Maintaining adequate access control over this file
becomes highly important
 If an unauthorized individual were able to add his or her
name to the authorized user list, he or she would receive
a copy of the report
Distribution techniques
 The reports may be placed in a secure mailbox to which
only the user has the key.

 The user may be required to appear in person at the

distribution center and sign for the report.

 A security officer or special courier may deliver the report

to the user
End User Controls
 Once in the hands of the user, output reports should be
reexamined for any errors that may have evaded the data
control clerk’s review
 Users are in a far better position to identify subtle errors
in reports that are not disclosed by an imbalance in
control totals
 Errors detected by the user should be reported to the
appropriate computer services management
Factors influencing the length of time a hard copy
report iretained include:
 Statutory requirements specified by government agencies, such
as the IRS.
 The number of copies of the report in existence. When there are
multiple copies,certain of these may be marked for permanent
retention, while the remainder can be destroyed after use.
 The existence of magnetic or optical images of reports that can
act as permanent backup.
Controlling Real-Time Systems Output
 direct their output to the user’s computer screen, terminal, or
printer
 eliminates the various intermediaries in the journey from the
computer center to the user and thus reduces many of the
exposures
 Primary threat
• interception, disruption, destruction, or corruption of the output
message
• comes from two types of exposures: (1) exposures from equipment
failure; (2) exposures from subversive acts,
TESTING COMPUTER APPLICATION CONTROLS
 Two General Approaches
1. the black box (around the computer) approach
2. the white box (through the computer) approach
Black-Box Approach
 do not rely on a detailed knowledge of the application’s internal
logic
 They seek to understand the functional characteristics of the
application by analyzing flowcharts and interviewing
knowledgeable personnel in the client’s organization
 advantage-
• the application need not be removed from service and tested
directly
• feasible for testing applications that are relatively simple
White-Box Approach
 relies on an in-depth understanding of the internal logic of the
application being tested
 includes several techniques for testing application logic directly
 use small numbers of specially created test transactions to verify
specific aspects of an application’s logic and controls
 auditors are able to conduct precise tests, with known variables,
and obtain results that they can compare against objectively
calculated results
Common Types of Tests of controls
1. Authenticity tests
2. Accuracy tests
3. Completeness tests
4. Redundancy tests
5. Access tests
6. Audit trail tests
7. Rounding error tests
COMPUTER-AIDED AUDIT TOOLS AND
TECHNIQUESFOR TESTING CONTROLS
 Five CAATT approaches :
1. test data method
2. Base Case System Evaluation
3. Tracing
4. Integrated Test Facility
5. Parallel simulation
Test Data Method
 used to establish application integrity by processing specially
prepared sets of input data through production applications that
are under review
 The results of each test are compared to predetermined
expectations to obtain an objective evaluation of application logic
and control effectiveness.
 To perform the test data technique, the auditor must obtain a
copyof the current version of the application. In addition, test
transaction files and test master files must be created
Base Case System Evaluation
 When the set of test data in use is comprehensive
 BCSEtests
are conducted with a set of test transactions containing all
possible transaction types
 These are processed through repeated iterations during systems
development testing until consistent and valid results are
obtained. These results are the base case.
 When subsequent changes to the application occur during
maintenance, their effects are evalu_x0002_ated by comparing
current results with base case results.
Tracing
 Another type of the test data technique called tracing performs an
electronic walk through of the application’s internal logic
 requires a detailed understanding of the application’s internal logic
 Three Steps of tracing Procedure
1. The application under review must undergo a special
compilation to activate the trace option.
2. Specific transactions or types of transactions are created as
test data.
3. The test data transactions are traced through all processing
stages of the program,and a listing is produced of all
programmed instructions that were executed during the test.
Test Data : Advantages and Disadvantages
 ADVANTAGES
• They employ white box approach,thus providing explicit evidence
• Can be employed with minimal disruption to operations
• They require minimal computer expertise on the part of the auditors.
 DISADVANTAGES
• Auditors must rely on IS personnel to obtain a copy of the application for
testing
• Audit evidence is not entirely independent
• Provides static picture of application integrity
• Relatively high cost to implement, auditing inefficiency
Integrated Test Facility
 an automated technique that enables the auditor to test an
application’s logic and controls during its normal operation
 one or more audit modules designed into the application during
the systems development process
 Set up a dummy entity within the application system
• System able to discriminate betweeb ITf audit module transactions and
routine transactions
• Auditor analyzes ITF results against expected results
Parallel Simulation
 requires the auditor to write a program that simulates key features or
processes of the application under review
 simulated application is then used to reprocess transactions that were
previously processed by the production application
 steps
1.The auditor must first gain a thorough understanding of the application under review
2.The auditor must then identify those processes and controls in the application thatare
critical to the audit
3.The auditor creates the simulation using a 4GL or generalized audit software(GAS).
4.The auditor runs the simulation program using selected production transactions and
master files to produce a set of results.
5.Finally, the auditor evaluates and reconciles the test results with the production
results produced in a previous run