Unformatted text preview: IT Audit Manual
are there procedures in place to help ensure that all successfully entered
transactions are processed fully or followed up to ensure their proper final
does the application include procedures that should ensure transaction are
recorded into the proper period,
does the application system include automated or manual procedures to
identify transaction designed to circumvent automated controls?
are application logs inbuilt to keep track of the transactions done? Are there
controls designed to ensure that data stored in the application is protected from
unauthorised changes or deletion;
does the application system have automated or manual features designed to
backup all or changed application system data at regular intervals.
DD.2 Review system specifications for each application within the system for clarity,
completeness, and consistency.
DD.3 Review flow charts, decision tables, or narratives to assess the reasonableness of
program logic incorporated in applications.
DD.4 Check whether the accuracy and completeness of Detailed System Design
specifications has been acknowledged by the appropriate level of user and Data
DD.5 Check that the Detailed System Design document has been reviewed by the Steering
Committee/Sign off Authorities? Have they signified acceptance? Note any
conditional acceptance for follow-up in later stages.
DD.6 Check whether a program and system test plan has been developed and released?
Verify that it covers at least the following both for program and system testing, and
for volume and operational testing:
overview of the software to be tested, including vendor software and conversion
software and the work environment it operates in
materials and supplies including equipment, software, storage facilities,
documentation, test input, sample output, and special forms
list of user requirements to be tested
list of operational requirements to be tested
overview of test progression
View Full Document