Programmers should not be allowed to make changes to actual production source

Programmers should not be allowed to make changes to

This preview shows page 1 - 3 out of 3 pages.

Programmers should not be allowed to make changes to actual production source programs and data files. Segregation of Duties Programmers should not have access to production programs or data files. Periodic Comparisons Internal Audit or an independent group should periodically process actual data, and compare the output with output from normal operations. Differences indicate unauthorized program changes. Periodic comparisons of on-line programs to off – line backup copies to detect changes. - Independent file librarian function who controls custody/ access to programs. File alteration Defrauder revises specific data or manipulates data Restrict Access to Equipment/Files Restrict
Image of page 1
files. For example: Using program instructions to fraudulently change an employee’s pay rate in the payroll master file Transferring balances among dormant accounts to conceal improper withdrawals of funds. access to computer center. Programmers and analysts should not have direct access to production data files. Have a librarian maintain production data files in a library. Restrict computer operator access to
Image of page 2
Image of page 3

You've reached the end of your free preview.

Want to read all 3 pages?

  • Fall '19
  • Computer program, data theft, AuthorizationData input

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture