Beruflich Dokumente
Kultur Dokumente
• Stand-alone workstation
• CIS environment in which personal computers are used is less structured than
a centrally-controlled CIS environment
• Application programs can be developed relatively quickly by users possessing
basic data processing skills
• Controls over the system development process and operations may not be
view
viewed
ed by the
the deve
develolope
perr, user
user or mana
manage
geme
ment
nt may
may not
not be view
viewed
ed as
important or cost-effective in a personal computer environment
• Users may tend to place unwarranted reliance on the financial information
stored or generated by a personal computer
• The degree of accuracy and dependability of financial information produced
will
will depe
dependnd upon
upon the
the inte
intern
rnal
al cont
contro
rols
ls pres
prescr
crib
ibed
ed by mana
manage
geme
ment
nt and
and
adopted by the user
• Management responsibilities
• Instructions on personal computer use
• Training requirement
• Authorization for access to programs and data
• Policies to prevent unauthorized copying of program and data
• Security,
Security, back-up and storage requirements
• Applications development and documentation standards
• Standards of report format and report distribution controls
• Personal usage policies
• Data integrity standards
• Responsibility for programs, data and error corrections
• Appropriate segregation of duties
• Segregate data files organized under separate file directories – this allows the
user
user to segre
segregat
gatee inform
informati
ation
on on remova
removabl
ble
e and non-re
non-remov
movabl
ablee storag
storage
e
media
• Using hidden files and secret file names
• Employing passwords
• Using
Using crypto
cryptogra
graphy
phy – this
this is the proces
process
s of transf
transform
orming
ing progra
programsms and
and
information into an unintelligible form
• Using anti-virus programs
The effect of personal computers on the accounting system and the associated risks
will generally depend on
• The
The exte
extent
nt to whic
which
h the
the pers
persononal
al comp
comput
uter
er is bein
being
g used
used to proc
proces
ess
s
accounting applications
• The type and significance of financial
fi nancial transaction being processed
• The nature of files and programs utilized in the applications
• The auditor often assumes that the control risk is high in such systems
• The auditor may find it cost effective not to make a review of general CIS
cont
contro
rols
ls or CIS
CIS appl
applic
icat
atio
ion
n cont
contro
rols
ls but
but to conc
concen
entra
trate
te the
the effo
effort
rts
s on
substantive tests at or near the end of the year