This preview shows page 1. Sign up to view the full content.
Unformatted text preview: he following areas (Source: 2005 February Status Report of the Auditor General of Canada; Ch. 8 – Managing Government: Financial Information, App. B, from: ): http://www.oagbvg.gc.ca/internet/English/att_20050208ab_e_13979.html Electronic security controls Monitoring controls Application control issues 13 Common internal control weaknesses: Common internal control weaknesses: Electronic security controls (2005 AGR) (1) User profiles (access rights and privileges) provided for incompatible functions and broad access to systems
(2) “Super user accounts” were not controlled
(3) Use of generic (or common) user IDs were prevalent
(4) Key security parameters (such as tables that identify access rights or report structure) were not effectively controlled
14 Impact on Business and on the Audit Impact on of security weaknesses (2005 AGR) Unauthorized access to data or programs could occur
Accidental or intentional changes to data or destruction of information could occur
Incorrect reports could be prepared
Auditor cannot rely on segregation of duties or quality of information
15 Common internal control weaknesses: Common internal control weaknesses: Monitoring/supervision controls (2...
View Full Document
This document was uploaded on 02/15/2014.
- Winter '13