Beruflich Dokumente
Kultur Dokumente
MWF 3-4PM
Prof. Gonzaga
RECOMMENDATIONS
Logical
access
to
production programs and
data in the mainframe
environment should be
granted
only
to
appropriately authorized
individuals.
Backup
controls
Safeguard
against
unexpected data
loss
and
application
Natural
Disasters. Tailor
your
backup
Human fraud.
strategy to the needs of
your
business.
For
example, if you can
afford to lose data in the
event of a disk failure,
you may not need to
perform backups very
often. The advantage of
taking
infrequent
backups is that you free
Oracle's resources for
other operations.
Internal control
procedures
Assuring
achievement of
an
organization's
objectives
in
operational
effectiveness
and efficiency,
reliable
financial
reporting, and
compliance
with
laws,
regulations and
policies.
Inadequate control
within the
applicant over the
business processes.
No/weak internal c
ontrol procedures
offer possibilities for
fraud,
unauthorised or illegal
activities
- appointment of a
responsible person for
quality in charge of
procedures and internal
controls of
the company;
- make each head of
department fully aware
of
internal controls of their
own department;
record the dates of
internal controls or a
udits and correct
identified weakness
through
corrective actions;
-notify the customs
authorities if fraud, una
uthorised or illegal
activities are discovered;
- make the relevant
internal control procedur
es available to the
personnel concerned
2
Approvals,
Authorizations,
and
Verifications
controls
Any
changes
should
be
authorized,
tested,
approved, and
implemented
properly.
Review
of Document
performance
information
about current
performance to
measure
the
extent to which
goals
and
objectives are
being achieved
and to identify
unexpected
results
or
unusual
conditions that
require followup.
Management
authorizes
employees
to perform
certain
activities or
changes and
to execute
certain
transactions
within
limited
parameters..
-System
security
application software,
such as RACF or
ACF2,
is
not
installed
to
help
prevent unauthorized
modifications
to
application software,
data files, or system
software.
File
documentation
policy
must
be
implemented so that
activity performance can
be measure to determine
if its achieved the
objective.
3
AUDIT OPINION:
In our opinion, the information systems controls of the database environment of the company should improve in