IT Application Controls : An Important Area of IT (Technology) Controls in Business and IT Landscape and Governance
AMIT KUMAR, CMA, CIA, MBA (Finance)
Internal Audit, Internal Control & Risk Mgmt | FP&A | Mgmt & Financial Accounting | Commercial & Supply Chain Finance | Treasury & Insurance | SAP - Processes, Internal Controls, & Meta-Reference-Master Data Mgmt
Are you wondering what IT Application Controls are or Are you looking for an IT Application Controls Checklist ?? Let Starts….
o?? Introduction of IT Applications Controls:
o?? Purpose of Application Controls:
i) SLA (Service Level Agreement) - Customer Service Perspective
ii) TPT (Throughput Time) - Team Efficiency Perspective
b) Processed only Once:
i) No Duplicity
ii) Created Once, Used Everywhere (System Integration)
o?? Areas of IT Applications Controls:
o?? Types of IT Applications Controls
§? Batch Input Controls:
a) Financial Totals ($ Amt / $ Value)
b) Records Counts (Row Counts)
c) Hash Totals (Total / Sum of Non-addable Fields)
d) Management Release (Park-Post)
§? On-line (OLTP) Input Controls:
a) Preformatting
b) The Dialogue Approach
c) Field (Edit) / Format Check
d) Limit (Reasonableness) and Range Check
e) Validity Check
f) Check Digits
g) Sequence Check
h) Zero Balance Check
i) Completeness Check
领英推荐
j) Closed-loop Verification (Screen Simulation)
k) An Edit Routine
a) Limit Check
b) Batch Control Check
c) Concurrency Control
d) Validation
e) Completion (Completeness)
f) Arithmetic Control
g) Sequence Check
h) Run-to-Run controls totals
j) Key Integrity?
a) Transaction logs
b) Error Listing
c) Records Counts
d) Run-to-Run Controls Totals
e) Periodically reconciling the output reports
f) Formal procedures and documentation, which specifies authorized recipient of output (data or report)
k) Credentialing
l) Secure File Transmission
m) File Encryption
o?? Segregation of Duties (SOD) Controls
The basic concept for segregating duties is that no single individual should have control over all phases of a transaction.
All application needs to be checked w.r.t. SOD Conflicts and SOD Conflicts needs to be mitigated either by removal of incompatible authorization or sought business approval over SOD conflict.
o?? Integrity Controls
Integrity controls monitor data being processed and in storage to ensure it remains consistent and correct.
o?? Management Trails (Audit Trail)
Management trails or Audit trails are processing history that enable management to track transactions from their source to their output.
Defining the future of governance with ACTIVE GOVERNANCE for identities, processes, and technology. Helping organizations solve complex control challenges with advanced automated control solutions.
1 年This article is also a good resource if you're looking to learn more about ITACs: https://www.safepaas.com/articles/it-application-controls-and-the-benefits-of-automation/
Chartered Accountant, CIA - Experienced professional in Accounting | Controllership| Finance | Internal Controls| Audit with 20+ years of experience in F&A (Global & Indian)
1 年Good information!