Programmers should not be allowed to make changes to actual production source programs and data files. Segregation of Duties Programmers should not have access to production programs or data files. Periodic Comparisons Internal Audit or an independent group should periodically process actual data, and compare the output with output from normal operations. Differences indicate unauthorized program changes. Periodic comparisons of on-line programs to off – line backup copies to detect changes. - Independent file librarian function who controls custody/ access to programs. File alteration Defrauder revises specific data or manipulates data Restrict Access to Equipment/Files Restrict
files. For example: Using program instructions to fraudulently change an employee’s pay rate in the payroll master file Transferring balances among dormant accounts to conceal improper withdrawals of funds. access to computer center. Programmers and analysts should not have direct access to production data files. Have a librarian maintain production data files in a library. Restrict computer operator access to
You've reached the end of your free preview.
Want to read all 3 pages?
- Fall '19
- Computer program, data theft, AuthorizationData input