Essay, Research Paper: Discussion Of Internal Comtrols That Are Placed In An Account
Accounting
Free Accounting essays posted on this site were donated by users and are provided for informational use only. The free essay on this page was not written by our writers and should not be viewed as a sample of our writing service. We are neither affiliated with the author of this essay nor responsible for its content. If you need high quality, fresh and competent research / writing done on the subject of Accounting, use the professional writing service offered by our company.
In accounting systems, certain controls are needed to ensure that employees are doing their jobs properly and ensure that the system runs
properly. These checks are in the best interest of the organization. These controls come in the form of internal and external controls for
the system. The internal controls are the checks that are placed in the system my the company's own management and directors. Today
more and more companies are moving from the manual accounting systems to computerized accounting information systems. The
advantages of a computerized system are increases in the speed and accuracy of processing accounting information.
However, as systems become computerized, the internal controls for that system has to be adapted accordingly. This is because
computerized systems bring with them certain unique problems that can only be removed or minimized by adapting the present controls
and adding new controls. These problems are
テつ· In a manual system there is a paper trail for the internal auditor to follow. All records and transactions are kept on paper and so an
auditor has clear and documented proof of what has transpired. Computerized systems rarely have a clear paper trail to follow. Since
computers do all of the sorting of the information the company rarely sorts the source documents. Also the computer does most of the
calculations and processing so there would not be the amount of documentation that there would be in a manual system.
テつ· Another problem of computer systems is the fact that there can be difficulty in determining who entered the data. In a manual system
the identity of the person entering the data can be identified possibly by the person's handwriting. This cannot be done in a
computerized system. This makes it very difficult to determine who is responsible for errors or fraud.
テつ· Since the computers do all calculations and processing errors can occur due to bad design of the program. This can be difficult to
detect especially if the error does not occur frequently and only does so under particular conditions.
テつ· Computer systems also offer new opportunities for fraud. If a computerized system is not set up properly and certain checks not put in
then the computer system can be used to defraud the company. The fact that it is difficult to trace who enters the data only adds to the
magnitude of this.
In order to minimize the risks of errors or fraud occurring in the computer system certain controls have to be put into place. These
controls can be broken up into three different categories. They are
1. Administrative Controls
2. Systems Development Controls
3. Procedural Controls
Administrative Controls
Administrative controls are those controls are those controls that are placed on the system to ensure the proper organization and
processing of data. These administrative controls are
Division of duties.
Duties are assigned to different individuals in the organization. This is done in such a way that no one person can have full control
over a transaction. This ensures that an individual cannot have full control over the creation and operating of the system. One reason for
this division is having one person controlling the system can result in fraud if that person is not completely trustworthy. Another reason
for the division of duties is to prevent the organization from becoming totally dependent on the person controlling the computer system.
If this person were to leave then the organization would have no one to run the system. The division of duties ensures that employees can
leave without having any major effect on the system.
Operation Controls
Operation controls are necessary controls since they since they determine what the computer systems and the employees using the
system have been doing. These controls can come in the form of
テつ· rotation of shifts
テつ· duty logs
テつ· a manual of operating instructions
テつ· attendance controls
テつ· computer logs
These controls can allow an auditor to track the exact actions of the computer systems and employees. This documentation allows the
to easily spot any errors or improper actions that have occurred.
Files Controls
These controls are put in place to minimize the number of errors and omission that occur in the file system. Good file controls are
テつ· Availability of a skilled technician
テつ· Proper procedures for issuing and returning files
テつ· proper labeling and indexing of files
テつ· protection of storage media from dust, humidity, fire etc.
テつ· Procedures for returning files for certain minimum periods
テつ· Facilities for recovering files that have been damaged or corrupted.
テつ· Facilities for creating backup copies of files.
The placement of these controls have very serious implications. These controls that information that is vital to the organization is safe.
The data in these files must be protected from errors or tampering whether intentional or accidental.
Hardware Security
The computer hardware is not only important to the processing of the information but is also a valuable fixed asset for the company.
Therefore controls for the protection of the hardware must be put into place. Computer hardware must be placed in a secure area where
the access to it is limited only to those who need to use it. Certain levels of security must me maintained e.g. only the systems
administrator can have access to the CPU and storage systems. The computer system must also be placed in a control environment to
protect it from environmental hazards e.g. dust and humidity. Arrangements should be made to protect the computer against fires and
power fluctuations. There should also be some controls in place to recover the system in case the hardware fails. These controls would
ensure that the breakdown of the hardware would not have a serious effect on the company.
Systems Development controls
These are the controls that are put over the design and implementation of the system. These controls ensure that the system is
developed with a minimum number of errors.
Standardization
One important control is standardization. These consist of various standards that are laid down by management for the design and
development of the system. These standards include the complete documentation of the development of the system. These standards would
not only benefit in the correcting of problems and updating of the system, the documentation would allow the auditor to get a better
idea of how the system works. This would help the auditor in spotting possible problems in the system.
Involvement of Management
The involvement of the organizations management in the development of the system is an important control. With these controls,
management must have documentation such as feasibility studies, budgets and performance evaluations. These documents would allow
management to decide if the system being developed would be viable and cost effective. Without such controls, expensive projects can be
started and never finished, costing the organization a great deal in time and money. These managerial controls force the development
team to do a thorough job since they are accountable to management..
Testing
Testing and trials are important controls and require that systems are thoroughly tested before they become operational. The extensive
testing of programs will minimize or even eliminate the errors in the computer system. The tests will show exactly what type of problems
occur in the system in the processing of certain data and would also indicate any problems in the response time of the systems. Also, the
benchmarks that are calculated in testing can be compared with benchmarks taken later on to see if the program has been tampered with.
Training
The training of the data processing staff is a very important control. Proper training of staff would reduce the number of errors that
would occur in the system due to inadequate knowledge of the system. The trained staff would be less likely to make mistakes.
Concurrent Running of old and new systems.
Running the old and new systems concurrently is also an important control. This control would allow the organization to compare the
results of the two systems when they do different tasks. These results would allow them to find any problems in the new system by
validating the results of the new system with the results of the old one
Procedural Controls.
Procedural controls are one of the most important set of controls as they are the ones that are placed on the day to day running of
the system. Procedural controls are particularly effective in detecting whether a system has been tampered with and so are effective in
detecting fraud. Procedural controls are divided into those controls placed on input, output, processing and storage.
Input Controls
These are procedural controls that are placed on the input of data into the system. These controls are
テつ· Serial numbering of documents
テつ· Validation checks on documents
テつ· Batching documents and checking of batch totals
テつ· authorization procedures
These controls are carried out by the user department. The Data processing depart also then gets the data and put carry out their own
controls. These are
テつ· Vetting of batches to ensure that they are correct
テつ· checks on data conversion methods
These checks are made so that the data that is entered is as accurate and as error free as possible.
Processing Controls
Once that data has been entered into the system and is being processed, the processing controls are used to ensure that the data is
processed properly. Processing controls are divided into two categories. These are
1. Validation tests
2. File checks
The validation checks are made on the data when it is being processed. These checks ensure that the data is processed correctly.
Validation checks include
テつ· Check digit verification
テつ· Checks in the size of file and records
テつ· check on mode of the file
テつ· Check on consistency of fields in files
テつ· Range tests on numbers and values
テつ· Hash totals
テつ· Control record checks
テつ· Sequence checks to ensure that records are entered in the right order
テつ· Error logs which contain a record of all errors that have occurred during the processing of the data.
テつ· Transaction logs which contain a record of each transaction that has been made. This provides an audit trail for the auditor. The
transaction log would contain where a particular transaction originated and who initiated it.
File checks are the controls to ensure that the integrity of the files that hold the data for the organization remain intact during
processing. Some file checks are
テつ· Use of header tables to identify files
テつ· Use of trailer labels to ensure that the record is completely read.
テつ· Arithmetic proof of the validation of certain fields by checking them with other fields in the record
Output controls
The outputting of processed data also has certain controls. These output controls are used to ensure the completeness, accuracy and
timeliness of the output on screen, printed form as well as on storage media. Some output control procedures are
テつ· Initial screening of the output to detect obvious errors
テつ· Output should only be distributed by authorized persons to authorized persons.
テつ· Controls totals on the output should be checked against the control totals of the input to ensure the consistency of data.
テつ· All the documents produced should be numbered and accounted for
テつ· Highly sensitive materials should not be seen by the general data processing staff but should be outputted to a secure location.
テつ· A feedback system must be developed between the users and the data processing department so that any errors that occur would be
reported and subsequently corrected.
Storage Controls
When data is stored additional controls must be put into place to ensure that the data is stored properly and that the data is to
tampered with in any way. These controls ensure that no unauthorized persons would be able to tamper with or destroy the data whether
it be intentionally or deliberately. Some of these controls are
テつ· Authorization controls to ensure that only authorized personnel is allowed to make amendments and deletions to the files.
テつ· Controls to ensure that amendments and deletions are to be thoroughly documented so that the person who made the amendments can
be made accountable for the changes they made.
テつ· Controls to ensure that there are proper facilities for the backup of files. These include ensuring that files are backed up regularly,
multiple backup files are kept and that these files are kept at a secure location and are easily retrievable in case of an emergency.
テつ· Controls that would ensure that the data can be recovered in case of disaster. This includes transaction logs of complete system dumps
which will make periodic backups of all the transactions that occur within the system.
Computerized accounting systems bring with then a set of new and unique problems. The internal controls that have been put into place
for a manual system to help the internal auditor cannot fully prevent or minimize the possibility of errors or fraud that come with the
computerized systems. Therefore the old controls must be modified for the new system and new controls must be put in. Only then can
the internal auditor ensure that the number of errors that occur within the system be minimized or even eliminated..
Bibliography
Basset P.H. (1993) Computerised accounts, 3rd Edition, Manchester : NCC Blackwell. 1-85554-205-6.
Grudinsku G., Burch J., (1989), Information Systems Theory and Practice, 5th Edition, John Wiley and Sons, Inc. 0-471-61293-6.
properly. These checks are in the best interest of the organization. These controls come in the form of internal and external controls for
the system. The internal controls are the checks that are placed in the system my the company's own management and directors. Today
more and more companies are moving from the manual accounting systems to computerized accounting information systems. The
advantages of a computerized system are increases in the speed and accuracy of processing accounting information.
However, as systems become computerized, the internal controls for that system has to be adapted accordingly. This is because
computerized systems bring with them certain unique problems that can only be removed or minimized by adapting the present controls
and adding new controls. These problems are
テつ· In a manual system there is a paper trail for the internal auditor to follow. All records and transactions are kept on paper and so an
auditor has clear and documented proof of what has transpired. Computerized systems rarely have a clear paper trail to follow. Since
computers do all of the sorting of the information the company rarely sorts the source documents. Also the computer does most of the
calculations and processing so there would not be the amount of documentation that there would be in a manual system.
テつ· Another problem of computer systems is the fact that there can be difficulty in determining who entered the data. In a manual system
the identity of the person entering the data can be identified possibly by the person's handwriting. This cannot be done in a
computerized system. This makes it very difficult to determine who is responsible for errors or fraud.
テつ· Since the computers do all calculations and processing errors can occur due to bad design of the program. This can be difficult to
detect especially if the error does not occur frequently and only does so under particular conditions.
テつ· Computer systems also offer new opportunities for fraud. If a computerized system is not set up properly and certain checks not put in
then the computer system can be used to defraud the company. The fact that it is difficult to trace who enters the data only adds to the
magnitude of this.
In order to minimize the risks of errors or fraud occurring in the computer system certain controls have to be put into place. These
controls can be broken up into three different categories. They are
1. Administrative Controls
2. Systems Development Controls
3. Procedural Controls
Administrative Controls
Administrative controls are those controls are those controls that are placed on the system to ensure the proper organization and
processing of data. These administrative controls are
Division of duties.
Duties are assigned to different individuals in the organization. This is done in such a way that no one person can have full control
over a transaction. This ensures that an individual cannot have full control over the creation and operating of the system. One reason for
this division is having one person controlling the system can result in fraud if that person is not completely trustworthy. Another reason
for the division of duties is to prevent the organization from becoming totally dependent on the person controlling the computer system.
If this person were to leave then the organization would have no one to run the system. The division of duties ensures that employees can
leave without having any major effect on the system.
Operation Controls
Operation controls are necessary controls since they since they determine what the computer systems and the employees using the
system have been doing. These controls can come in the form of
テつ· rotation of shifts
テつ· duty logs
テつ· a manual of operating instructions
テつ· attendance controls
テつ· computer logs
These controls can allow an auditor to track the exact actions of the computer systems and employees. This documentation allows the
to easily spot any errors or improper actions that have occurred.
Files Controls
These controls are put in place to minimize the number of errors and omission that occur in the file system. Good file controls are
テつ· Availability of a skilled technician
テつ· Proper procedures for issuing and returning files
テつ· proper labeling and indexing of files
テつ· protection of storage media from dust, humidity, fire etc.
テつ· Procedures for returning files for certain minimum periods
テつ· Facilities for recovering files that have been damaged or corrupted.
テつ· Facilities for creating backup copies of files.
The placement of these controls have very serious implications. These controls that information that is vital to the organization is safe.
The data in these files must be protected from errors or tampering whether intentional or accidental.
Hardware Security
The computer hardware is not only important to the processing of the information but is also a valuable fixed asset for the company.
Therefore controls for the protection of the hardware must be put into place. Computer hardware must be placed in a secure area where
the access to it is limited only to those who need to use it. Certain levels of security must me maintained e.g. only the systems
administrator can have access to the CPU and storage systems. The computer system must also be placed in a control environment to
protect it from environmental hazards e.g. dust and humidity. Arrangements should be made to protect the computer against fires and
power fluctuations. There should also be some controls in place to recover the system in case the hardware fails. These controls would
ensure that the breakdown of the hardware would not have a serious effect on the company.
Systems Development controls
These are the controls that are put over the design and implementation of the system. These controls ensure that the system is
developed with a minimum number of errors.
Standardization
One important control is standardization. These consist of various standards that are laid down by management for the design and
development of the system. These standards include the complete documentation of the development of the system. These standards would
not only benefit in the correcting of problems and updating of the system, the documentation would allow the auditor to get a better
idea of how the system works. This would help the auditor in spotting possible problems in the system.
Involvement of Management
The involvement of the organizations management in the development of the system is an important control. With these controls,
management must have documentation such as feasibility studies, budgets and performance evaluations. These documents would allow
management to decide if the system being developed would be viable and cost effective. Without such controls, expensive projects can be
started and never finished, costing the organization a great deal in time and money. These managerial controls force the development
team to do a thorough job since they are accountable to management..
Testing
Testing and trials are important controls and require that systems are thoroughly tested before they become operational. The extensive
testing of programs will minimize or even eliminate the errors in the computer system. The tests will show exactly what type of problems
occur in the system in the processing of certain data and would also indicate any problems in the response time of the systems. Also, the
benchmarks that are calculated in testing can be compared with benchmarks taken later on to see if the program has been tampered with.
Training
The training of the data processing staff is a very important control. Proper training of staff would reduce the number of errors that
would occur in the system due to inadequate knowledge of the system. The trained staff would be less likely to make mistakes.
Concurrent Running of old and new systems.
Running the old and new systems concurrently is also an important control. This control would allow the organization to compare the
results of the two systems when they do different tasks. These results would allow them to find any problems in the new system by
validating the results of the new system with the results of the old one
Procedural Controls.
Procedural controls are one of the most important set of controls as they are the ones that are placed on the day to day running of
the system. Procedural controls are particularly effective in detecting whether a system has been tampered with and so are effective in
detecting fraud. Procedural controls are divided into those controls placed on input, output, processing and storage.
Input Controls
These are procedural controls that are placed on the input of data into the system. These controls are
テつ· Serial numbering of documents
テつ· Validation checks on documents
テつ· Batching documents and checking of batch totals
テつ· authorization procedures
These controls are carried out by the user department. The Data processing depart also then gets the data and put carry out their own
controls. These are
テつ· Vetting of batches to ensure that they are correct
テつ· checks on data conversion methods
These checks are made so that the data that is entered is as accurate and as error free as possible.
Processing Controls
Once that data has been entered into the system and is being processed, the processing controls are used to ensure that the data is
processed properly. Processing controls are divided into two categories. These are
1. Validation tests
2. File checks
The validation checks are made on the data when it is being processed. These checks ensure that the data is processed correctly.
Validation checks include
テつ· Check digit verification
テつ· Checks in the size of file and records
テつ· check on mode of the file
テつ· Check on consistency of fields in files
テつ· Range tests on numbers and values
テつ· Hash totals
テつ· Control record checks
テつ· Sequence checks to ensure that records are entered in the right order
テつ· Error logs which contain a record of all errors that have occurred during the processing of the data.
テつ· Transaction logs which contain a record of each transaction that has been made. This provides an audit trail for the auditor. The
transaction log would contain where a particular transaction originated and who initiated it.
File checks are the controls to ensure that the integrity of the files that hold the data for the organization remain intact during
processing. Some file checks are
テつ· Use of header tables to identify files
テつ· Use of trailer labels to ensure that the record is completely read.
テつ· Arithmetic proof of the validation of certain fields by checking them with other fields in the record
Output controls
The outputting of processed data also has certain controls. These output controls are used to ensure the completeness, accuracy and
timeliness of the output on screen, printed form as well as on storage media. Some output control procedures are
テつ· Initial screening of the output to detect obvious errors
テつ· Output should only be distributed by authorized persons to authorized persons.
テつ· Controls totals on the output should be checked against the control totals of the input to ensure the consistency of data.
テつ· All the documents produced should be numbered and accounted for
テつ· Highly sensitive materials should not be seen by the general data processing staff but should be outputted to a secure location.
テつ· A feedback system must be developed between the users and the data processing department so that any errors that occur would be
reported and subsequently corrected.
Storage Controls
When data is stored additional controls must be put into place to ensure that the data is stored properly and that the data is to
tampered with in any way. These controls ensure that no unauthorized persons would be able to tamper with or destroy the data whether
it be intentionally or deliberately. Some of these controls are
テつ· Authorization controls to ensure that only authorized personnel is allowed to make amendments and deletions to the files.
テつ· Controls to ensure that amendments and deletions are to be thoroughly documented so that the person who made the amendments can
be made accountable for the changes they made.
テつ· Controls to ensure that there are proper facilities for the backup of files. These include ensuring that files are backed up regularly,
multiple backup files are kept and that these files are kept at a secure location and are easily retrievable in case of an emergency.
テつ· Controls that would ensure that the data can be recovered in case of disaster. This includes transaction logs of complete system dumps
which will make periodic backups of all the transactions that occur within the system.
Computerized accounting systems bring with then a set of new and unique problems. The internal controls that have been put into place
for a manual system to help the internal auditor cannot fully prevent or minimize the possibility of errors or fraud that come with the
computerized systems. Therefore the old controls must be modified for the new system and new controls must be put in. Only then can
the internal auditor ensure that the number of errors that occur within the system be minimized or even eliminated..
Bibliography
Basset P.H. (1993) Computerised accounts, 3rd Edition, Manchester : NCC Blackwell. 1-85554-205-6.
Grudinsku G., Burch J., (1989), Information Systems Theory and Practice, 5th Edition, John Wiley and Sons, Inc. 0-471-61293-6.
0
0
GOOD or BAD? How would you rate this essay?
Help other users to find the good and worthy free term papers and trash the bad ones.
Help other users to find the good and worthy free term papers and trash the bad ones.
Need a Custom Written Essay on Accounting: Discussion Of Internal Comtrols That Are Placed In An Account
Free papers will not meet the guidelines of your specific project. If you need a custom essay on Accounting: Discussion Of Internal Comtrols That Are Placed In An Account, we can write you a high quality authentic essay. While free essays can be traced by Turnitin (plagiarism detection program), our custom written papers will pass any plagiarism test, guaranteed. Our writing service will save you time and grade.
Related essays:
0
0
Accounting / Netscape Analysis Report
Netscape Analysis Report
Accounting 2 Honors
I. History
Netscape Communications Corporation, originally named Mosaic Communications Corporation (MCOM) was founded in A...
1
0
Accounting / Individual Retirement Accounts
Individual Retirement Accounts: Why bother?
by William K.
Outline
Thesis: When planning for retirement, Individual Retirement Accounts offer several benefits; however, carefu...
0
0
Accounting / Accounting Ethics
Contents 1. Introduction 2. What is Business Ethics? 3. The 10 Benefits of Business Ethics 4. Case Study on Nestle 4.1. The Impact of Business Ethics on Nestle 4.2. Nestle's view on Business Ethics 4....
0
0
Accounting / What Is Accounting?
Today I am going to be talking about accounting. There are many different
subjects that can be talked about in accounting. I am only telling you the two subjects that
I think are most imp...
0
0
Accounting / Total Costs - Operations Function
Now let’s consider a planning/decision-making problem within the Operations function that can be addressed by MBA graduates through Managerial Accounting. As was stated earlier, much of a f...
1-866-308-7123, 1-404-963-0617 (fax)
1-877-294-0273, 1-614-921-2450, 0871-871-8283 (Billing, US & Canada)
1785 O'Brien Road, Columbus, Ohio, 43228, U.S.A.
