Beruflich Dokumente
Kultur Dokumente
Deployment
Risks
6 Implementing
Software
Applications
Shania Joyce Gonzales
Ma. Terrisa Kate Bueno
Controlling and
Auditing the
System
Development
Erica Viola Toreja
Donna Jane Delmiguez
April Mae Mapute
Maria Lara Rhodora Cruz
Controlling New Systems
Development
4
Controlling Systems
Maintenance
5
Systems
Maintenance
-the longest period in the SDLC
6
The Controlling Systems
Maintenance
RISKS CONTROLS
7
Maintenance Authorization,
Testing, and Documentation
RISKS CONTROLS
9
Source Program Library Controls
RISKS CONTROLS
11
Source Program Library Controls
A Controlled SPL
Environment
- To control the SPL,
protective features and
procedures must be
explicitly addressed, and
this requires the
implementation of an SPL
management system
(SPLMS).
12
A Controlled SPL Environment
The black box surrounding the SPL signifies the
SPLMS. This software is used to control four
routine but critical functions:
(1) storing programs on the SPL
(2) retrieving programs for maintenance
purposes
(3) deleting obsolete programs from the
library
(4) documenting program changes to
provide an audit trail of the changes.
13
A Controlled SPL Environment
You may have recognized the similarities between the SPL
management system and a database management
system.
This is a valid analogy, the difference being that SPL
software manages program files and DBMSs manage
data files.
SPLMSs may be supplied by the computer manufacturer
as part of the OS or may be purchased through software
vendors.
Some organizations, to provide special control features,
develop their own SPL software.
14
A Controlled SPL Environment
The mere presence of an SPLMS does not
guarantee program integrity.
Again, we can draw an analogy with the DBMS.
To achieve data integrity, the DBMS must be
properly used; control does not come
automatically, it must be planned.
Likewise, an SPL requires specific planning and
control techniques to ensure program
integrity.
15
Audit Procedures Related
to System Maintenance
16
Audit Procedures Related
to System Maintenance
Identify Unauthorized Changes
Examine audit trail of program
changes
Confirm that authorization
procedures were followed
• Reconcile program version
numbers
• Confirm maintenance
authorization
17
Audit Procedures Related
to System Maintenance
Identify Application Errors
Determine that programs are free
from material errors
• Reconcile the source code
• Review test results
• Retest the program
18
Reconcile the source code
19
Reconcile the source code
20
Audit Procedures Related
to System Maintenance
Identify Application Errors
Determine that programs are free
from material errors
• Reconcile the source code
• Review test results
• Retest the program
21
Review test results
Purpose: To establish that testing was
sufficiently rigorous to identify any
errors, the auditor should review test
results for each significant program
change.
Every program change should be
thoroughly tested before being
implemented.
Program test procedures should be
properly documented (which support
the programmer’s decision to
implement the change) by:
• test objectives
• test data 22
• processing results
Audit Procedures Related
to System Maintenance
Identify Application Errors
Determine that programs are free
from material errors
• Reconcile the source code
• Review test results
• Retest the program
23
Retest the program
24
Audit Procedures Related
to System Maintenance
Test Access to Libraries
Review programmer
authority tables
Test authority table
25
Review programmer authority tables
26
Audit Procedures Related
to System Maintenance
Test Access to Libraries
Review programmer
authority tables
Test authority table
27
Test authority table
28
In two or three
columns
Yellow Blue Red
Is the color of Is the colour of the Is the color of
gold, butter and clear sky and the blood, and
ripe lemons. In the deep sea. It is because of this it
spectrum of located between has historically
visible light, yellow violet and green been associated
is found between on the optical with sacrifice,
green and orange. spectrum. danger and
courage.
29
A picture is worth
a thousand words
A complex idea can be conveyed
with just a single still image, namely
making it possible to absorb large
amounts of data quickly.
30
Want big impact?
Use big image.
31
Lorem
ipsum
Use
diagrams to
explain your Lorem ipsum
congue
32
And tables to
compare data
A B C
Yellow 10 20 7
Blue 30 15 10
Orange 5 24 16
33
Maps
our
office
34
89,526,124
Whoa! That’s a big number, aren’t you proud?
35
89,526,124$
That’s a lot of money
185,244 users
And a lot of users
100%
Total success!
36
Our process
is easy
1 2 3
37
Let’s review some
concepts
Yellow Blue Red
Is the color of Is the colour of Is the color of
gold, butter and the clear sky and blood, danger
ripe lemons. the deep sea. and courage.
38
You can insert graphs from Google Sheets 39
Mobile Place your screenshot here
Show and explain your
web, app or software
project
projects using these
gadget templates.
40
Tablet Place your screenshot here
Show and explain your
web, app or software
project
projects using these
gadget templates.
41
Desktop Place your screenshot here Show and explain your
web, app or software
project
projects using these
gadget templates.
42
Thanks!
Any questions?
You can find me at
○ @username
○ user@mail.me
43
Credits
Special thanks to all the people who
made and released these awesome
resources for free:
○ Presentation template by
SlidesCarnival
○ Photographs by Unsplash
44
Presentation design
This presentation uses the following typographies:
○ Titles: Poppins Bold
○ Body copy: Poppins Light
You can download the fonts at:
https://www.fontsquirrel.com/fonts/poppins
Examples:
46
😉
Now you can use any emoji as an icon!
And of course it resizes without losing quality and you can change the
color.
✋👆👉👍👤👦👧👨👩👪💃🏃💑❤😂
😉😋😒😭👶😸🐟🍒🍔💣📌📖🔨🎃🎈
🎨🏈🏰🌏🔌🔑 and many more...
47