4 - IS Audit and Input Controls

23 busi 335 copyright 2009 10 ym cheung w tan c woo

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: datory requirements for IS Auditing and Reporting. 23 BUSI 335 Copyright © 2009-10 Y.M. Cheung, W. Tan, C. Woo and P. Bera 24 Application Application Systems Development Audits (cont’d) Audits (cont Application Systems Development Audits (cont’d) Audits (cont Salami fraud • Systems Development Standards • Affect large numbers of victims in a minimal way – are the documentation governing the design, development, and implementation of application systems systems. • Each victim gets “a small piece of salami” and is unaware of being defrauded • Project Management • Common example: a programmer who has access to rounding program can remove the last three decimal places of account balance and store it in a separate file (account) – consists of project planning and project supervision. • Program Change Control – is to prevent unauthorized and potentially fraudulent changes from being introduced into previously tested and accepted programs. BUSI 335 Copyright © 2009-10 Y.M. Cheung, W. Tan, C. Woo and P. Bera • Use of accounting software to detect this fraudespecially detecting creation of intermediate files (accounts) 25 BUSI 335 Normally an audit of the computer service Normally, an audit of the computer service center is undertaken before any application audits to ensure the general integrity of the to ensure th...
View Full Document

Ask a homework question - tutors are online