Beruflich Dokumente
Kultur Dokumente
OBJECTIVES:
ACCT 4342
Figure 13-1
ACCT 4342
Entering Maintenance
Last phase of SDLC
Maintenance: simple complex
Rarely is there never a change to a
system
System Changes high risk
ACCT 4342
1.
2.
3.
4.
Formal authorizations
Technical specifications
Testing
Documentation Update
Essentially treat
maintenance as a
Mini SDLC
ACCT 4342
ACCT 4342
10
Controlled SPL
Environments
Figure 17-3
12
ACCT 4342
13
Program Change
Auditing procedures: verify that
programs were properly maintained,
including changes
Specifically, verify
1. Maintenance procedures protect
application from unauthorized changes
2. Applications are free from material
errors
3. Program libraries are protected from
unauthorized access
16
Test of Controls
Audit Objective: Maintenance
procedures protect application from
unauthorized changes
Tests of Controls:
Reconcile Program Version Numbers
Look for discrepancies in version
number and documentation
Confirm Maintenance Authorization
Look for management approval
ACCT 4342
17
Test of Controls
Audit Objective: Applications are free from material
errors
Tests of Controls:
Reconcile Source Code
Documentation describes what the reason for the
change was
Compare descriptions in authorization to
descriptions in the source program library
Review Test Results
Verify testing occurred and was rigorous enough to
work
18
Test of Controls
Audit Objective: Program libraries are
protected from unauthorized access
Tests of Controls:
Review Programmer Authority Tables
Test Authority Table
ACCT 4342
19