Scribd
Upload
130 views

Essay in Auditing in CIS Environment

The document discusses concerns about microcomputers including their lower performance compared to other systems, vulnerability to security threats as they are easily hacked, and issues maintaining hardware. It also discusses the impact of changes to an internal control system for accounting when moving to a computerized system, including the concentration of control procedures, potential for unauthorized access to data, and difficulty manually detecting programming errors.

Uploaded by

Paul Varona
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
130 views

Essay in Auditing in CIS Environment

The document discusses concerns about microcomputers including their lower performance compared to other systems, vulnerability to security threats as they are easily hacked, and issues maintaining hardware. It also discusses the impact of changes to an internal control system for accounting when moving to a computerized system, including the concentration of control procedures, potential for unauthorized access to data, and difficulty manually detecting programming errors.

Uploaded by

Paul Varona
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Question 1

Required: What are your concerns about the system that BOX uses?

In terms of price too micro computers are way cheaper. Micro computers that are
designed for common use are cheaper to an extent that everybody will be able to afford
them. However, not all the models of micro computers are inexpensive. Some comes
with higher specs that users need to spend several thousand dollars to purchase.
Maintenance in all aspects of a micro computer is relatively easy. Handling and
operating both hardware and software can be done with little effort. In fact many users
fix PC problems on their own without anyone's assistance. If there is any malfunctioning
hardware, users can simply open the case to replace them. Most of the micro
computers are equipped with a low power processors. As a result, their performance is
typically lesser than both supercomputers and a mainframe computer. For example, you
cannot play high end games or run demanding applications that require significant
amount of computational power. A micro computer which is connected to the internet is
vulnerable to numerous security threats. It does not offer strong protection. Any hacker
or an intruder can easily gain access to your computer and steal information. Or else a
virus could cause several damages to the important files.

Question 2

Required:

For each of the changes, discuss the impact on the internal control system and the
independent audit.

1. Absence of input documents—data may be entered directly into the computer


system without supporting documents. In some on-line transaction systems,
written evidence of individual data entry authorization (e.g., approval for order
entry) may be replaced by other procedures, such as authorization controls
contained in computer programs (e.g., credit limit approval). Lack of visible
transaction trail—certain data may be maintained on computer files only. In a
manual system, it is normally possible to follow a transaction through the
system by examining source documents, books of account, records, files and
reports. In a CIS environment, however, the transaction trail may be partly in
machinereadable form, and furthermore it may exist only for a limited period of
time. Lack of visible output—certain transactions or results of processing may
not be printed. In a manual system, and in some CIS, it is normally possible to
examine visually the results of processing. In other CIS, the results of
processing may not be printed, or only summary data may be printed. Thus,
the lack of visible output may result in the need to access data retained on files
readable only by the computer. Ease of access to data and computer
programs—data and computer programs may be accessed and altered at the
computer or through the use of computer equipment at remote locations.
Therefore, in the absence of appropriate controls, there is an increased
potential for unauthorized access to, and alteration of, data and programs by
persons inside or outside the entity.
2. The nature of computer processing allows the design of internal control
procedures in computer programs. These procedures can be designed to
provide controls with limited visibility (e.g., protection of data against
unauthorized access may be provided by passwords). Other procedures can
be designed for use with manual intervention, such as review of reports printed
for exception and error reporting, and reasonableness and limit checks of data.
The internal controls over computer processing, which help to achieve the
overall objectives of internal control, include both manual procedures and
procedures designed into computer programs. Such manual and computer
control procedures comprise the overall controls affecting the CIS environment
(general CIS controls) and the specific controls over the accounting
applications (CIS application controls).
3. Many control procedures that would ordinarily be performed by separate
individuals in manual system maybe concentrated in CIS. The potential
unauthorized access to data or to alter them without visible evidence may be
greater. Errors embedded in an application's program logic may be difficult to
manually detect on a timely basis. Initiation of changes in the master file is
exclusively handled by respective users.
4. Computerized accounting system (CAS) involves the use of computers in
processing accounting data into information to facilitate quick decision making
through timely preparation of financial reports and financial reporting in this
case refers to the way in which financial information is recorded, processed
and conveyed to the end users of this information in particular. Accounting
systems contain confidential information that should be kept safe and secure at
all times. The consequences of unauthorized access can be devastating--from
identity theft problems to loss of irreplaceable data. When accounting data is
changed or deleted on purpose or by chance, it creates havoc in the
accounting department, calling into question the reliability or accuracy of all
data. The internal controls of an AIS are the security measures it contains to
protect sensitive data.

You might also like