StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Internal Controls of Information Technology - Essay Example

Cite this document
Summary
The paper "Internal Controls of Information Technology" discusses that the key criteria to evaluate the process are the completeness of the data processed, the actual occurrence of the transactions for which the data pertain to and the accuracy of the information processed by the system…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER98.9% of users find it useful
Internal Controls of Information Technology
Read Text Preview

Extract of sample "Internal Controls of Information Technology"

Internal Controls Related to the Revenue Cycle The company’s revenue cycle is a very (if not the most) important part of the company’s operations. This cycle is composed of many processes. One of these is the sales order process. In this process, IT is involved in making sure that no sales order will be processed if any of the primary information (such as customer name and volume ordered) required by the company are not completely encoded in and captured by the system. The criterion used to evaluate this process is accuracy, that is, “amounts and other data relating to the…transactions and events have been recorded appropriately” (Puttick and van Esch, 2007, p. 260). The control here is that the system will compare the encoded data with the required primary information. According to Hall and Singleton (2005, p. 395), IT controls for this process are data validation controls to detect missing information such as missing data checks (data “are used to examine the contents of a field for the presence of blank spaces”) and numeric-alphabetic data checks (the determination of “whether the correct form of data is in a field”). Another IT control in this process is the “sign checks or tests to see if the sign of a field is correct for the type of record being processed” (Hall and Singleton, 2005, p. 307) such as a positive amount for sales orders or negative amount for sales returns. One way to test this control is to encode details of a sales order in the system, exclude some or all of the primary information and see if the system will still generate the sales order. Another process in the revenue cycle is the credit checking process for a customer. The IT involvement in this process are that it ensures that no customer will be granted additional credit if the customer has already exceeded the approved credit line and that no customer’s order will be accepted if there is no approved credit line in the first place. In this case, the presence of proper authorization is the main criterion used to evaluate the process. The controls here are the system compares the total amount of credit granted to the customer with the credit line of the same customer and it also checks if the potential customer has an existing credit line with the company and, based on this comparison, accepts or rejects the customer’s order. In both cases, IT uses limit checks to “determine if the value in the field exceeds an authorized limit” (Hall and Singleton, 2005, p. 395). Another IT control is access control or override capability control, that is, only those company officers who are authorized to approve those customers who were previously rejected by the system can access the system and manually override the system’s rejection. For the control tester, one way to test the controls is to encode a fictitious sale for a customer that will make the customer’s current credit exceed his or her credit line and see if the system will accept the order. Another way to test the controls is to encode the sales order of a fictitious customer who has no approved credit line in the company and see if the system will not process the fictitious customer. Another process included in the revenue cycle is the updating of the accounts receivable subsidiary ledger. At the end of each day, the system ensures that only valid sales transactions and cash receipts (related to on account sales) are captured in the accounts receivable change report. In this process the key criteria are completeness of the transactions recorded, accuracy of the information processed and recorded and actual occurrence of the transactions recorded. The key control here is that the system reconciles the numbers shown in this change report “with total sales, total cash receipts (on account), and the general ledger” (Hall and Singleton, 2005, p. 403) or the GL for the same day. With IT, it implements several controls to support this key control. These are generation of an error listing, maintenance of transaction logs which show successfully-processed transactions, unique transaction identifiers which identifies each transaction by assigning unique numbers to each transaction and, in general, generating automatic audit trails of the related transactions. These audit trails reports “ensure data can be traced through a system from its source to its final destination” (Pathak, 2005, p. 10). The test here is to perform a manual tie-up of the amounts shown in the change report, the total sales, the total cash receipts and the GL. Another test is to “trace sample transactions through the audit trail reports” (Hall and Singleton, 2005, p. 404) generated by the system and see if the transactions are properly captured in the related reports. Internal Controls Related to the Expenditure Cycle The expenditure cycle involves the purchasing, payroll and cash disbursement processes. One of the processes involved with purchasing is the preparation of a purchase requisition. In this process, the IT’s role is to make sure that the quantities of the items sold during the day are still above “their reorder points” (Hall and Singleton, 2005, p. 437). If the quantity is below such reorder point, the system ensures that there is a requisition file prepared for the inventory item and that, once the requisition file is prepared, no duplicate order will be placed for the same item. In this process, the main criterion for the evaluation is if there is proper inventory management and control and the completeness of the inventory files (including the applicable reorder points). A control in this process is that the system will flag the applicable inventory item as ‘on order’ to ensure that there will be no duplicate order placed for this item. In this case, IT may utilize batch controls to process sales transactions, update the inventory items and capture those items that are already below their reorder points. IT may also use real-time processing controls to immediately capture those inventory items that are below reorder points within any given time of the day. Lastly, IT also utilizes a log of automatic transactions to maintain a record of those inventory items ordered and tagged ‘on order’. To test the control, the tester can create fictitious inventory and sales transactions that will reduce a certain inventory item below the reorder point. He or she can then check if the requisition order was prepared and if the inventory item was appropriately tagged ‘on order’. With payroll, according to Hall and Singleton (2005), one critical process is the updating of the employee file to reflect newly-hired and resigned employees, changes in pay rates, status, deductions and changes in job positions. Another critical procedure is the actual preparation of the payroll checks of the employees and the release of such checks to the employees. IT’s role in this aspect is to ensure that no payroll check will be released unless the employee is authorized to receive such check. Thus, proper authorization, completeness of the list of new employees and the changes in payroll information, accuracy of the details and the changed information and existence of the actual payroll liability of the company are key criteria for this process. One control in this process is the matching of the attendance files of the employees against the updated employee file found in the system. In this case, access controls implemented by IT are critical as this will ensure that the data being matched by the system to the attendance files are correct and valid. Other controls of IT that are important in this process are limit checks (for pay rates or employee hours that exceed company policy), range checks (for establishing upper and lower limits on pay rates) and reasonableness checks (for checking if the value is reasonable when taken into consideration with other data in the record). For the tester, this control can be tested by creating attendance files of both existing and non-existent employees and see if the system or the payroll application will accept the correct file and reject the invalid attendance files. Lastly, two related processes in the expenditure cycle are the updating of the accounts payable to reflect the purchases or payroll or disbursement transactions and the generation of a summary report called the “accounts payable change report” (Hall and Singleton, 2005, p. 461). In these processes, the system's role is to ensure that only valid transactions are properly captured and recorded in this report and in other related reports. The key criteria to evaluate the process are the completeness of the data processed, the actual occurrence of the transactions for which the data pertain to and the accuracy of the information processed by the system. The key control here is that the report will be reconciled by the system with “total vendor invoices received, total disbursements, and the general ledger” (Hall and Singleton, 2005, p. 461). For IT, its controls in this aspect are the transaction logs, the unique transaction identifiers, the error listing and other system-generated audit trail reports. As to the test of the controls, the tester can test this control by performing his or her own tie up between the change report, the received vendor invoices, the total cash outlays and the GL. The tester can also sample certain transactions in this cycle and trace them through the system and through the audit trail reports to ensure that these transactions are properly reflected in their corresponding reports. References Hall, James A. and Singleton, Tommie (2005). Information Technology Auditing and Assurance. Singapore: Thomson Learning Asia. Pathak, Jagdish (2005). Information Technology Auditing. Germany: Springer-Verlag Berlin Heidelberg. Retrieved on June 13, 2009 from http://books.google.com/ books?id=YEMw_2UBzPgC&pg=PA5&dq=information+technology+internal+controls+auditing&lr=#PPP1,M1. Puttick, G., van Esch, Sandy (2007). The Principles and Practice of Auditing. 9th edition. South Africa: Juta & Co. Ltd. Retrieved on June 12, 2009 from http://books.google.com/books? id=jQSDMo-a94C&printsec=frontcover&dq= principles+and+practice+of+auditing. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Internal Controls of Information Technology Essay, n.d.)
Internal Controls of Information Technology Essay. Retrieved from https://studentshare.org/information-technology/1724859-controls-of-information-technology-and-reporting
(Internal Controls of Information Technology Essay)
Internal Controls of Information Technology Essay. https://studentshare.org/information-technology/1724859-controls-of-information-technology-and-reporting.
“Internal Controls of Information Technology Essay”. https://studentshare.org/information-technology/1724859-controls-of-information-technology-and-reporting.
  • Cited: 0 times

CHECK THESE SAMPLES OF Internal Controls of Information Technology

Oracle Database Recovery

The core element regarding data and information portrays impact on more than one control files that are missing.... “$ svrmgrl SVRMGR > connect internal; Connected.... This paper ''Oracle Database Recovery'' discusses that the Oracle database includes a number of interconnected parts that are used for recovering a database that can be processed via elimination....
7 Pages (1750 words) Research Proposal

Information Technology for Management Efficiency

nbsp;The use of information technology and its application has created a wider database of new opportunities in the real world.... The essay "information technology for Management Efficiency" discusses three major areas where IS/IT skills significantly contribute to efficient management.... Barton emphasizes that 'hands-on real-time interaction with the new system… with a more broad-based understanding of the flow of information through the system' is needed (Barton, 2001)....
5 Pages (1250 words) Essay

Internal Policies (Accounting Ethics)

With the improvements of the technology, nowadays all filling of firms and reporting are being done by the internet.... We use emails to get their clients' up – to - date information and details with the present status of their assignments.... While assigning a project, the clients always provide some documents and information to the accounting firm.... internal policies bind any organisation with the much required regulations....
2 Pages (500 words) Essay

Discuss the information technology control

The discussion aims at highlighting the importance and relevance of information technology controls in the business environment and more importantly in the organizational environment.... This statement shows that information technology and controls has great importance in the organizational set up and should Information Technology Controls By [Presented to] of Discussion The discussion aims at highlighting the importance and relevance of information technology controls in the business environment and more importantly in the organizational environment....
2 Pages (500 words) Essay

Techmark Limited Marketing Strategy

The company plans to provide information technology services to companies to improve the marketing strategies adopted.... To be an effective information technology company that offers operational management services in relation to marketing processes.... The company intends to incorporate information technology into the marketing strategies adopted by companies to gain a competitive advantage.... To be an effective information technology company that offers operational management services in relation to marketing processes....
6 Pages (1500 words) Case Study

Brunel Business School and Social Media

Brunel Business School often faces challenges with the adoption and use of information systems,... These challenges in reality may arise from social media being more than just another information system implemented and a new tool or by the organization.... Some of the common social medias are collaborative plans (I....
6 Pages (1500 words) Coursework

Policy, Team, and Information Technology Differences

hellip; The use of information technology in the organization should conform to the policies of the groups.... "Policy, Team, and information technology Differences" paper investigates the policies that guide the two systems use in different groups, and how the teams are affected by their implementation while analyzing the differences and solutions that would permit their efficient use in the organization.... The enterprise policies aids in making decisions inside the departments and organizational levels as they provide an array of information from diverse sources (Xu, 2011)....
7 Pages (1750 words) Coursework

Organizational Security in the Internet

The paper "Organizational Security in the Internet" tells that businesses face higher risks because of the use of technology required for better living.... Understanding what the threats are with the Internet and how it is linked to organizational security and finding different alternatives to begin to secure organizations required to use technology and the Internet will also provide better solutions for those linked to IT.... he first major types of threats seen from the Internet and organizational security come from the internal environment and how end-users use technology....
6 Pages (1500 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us