© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart 1 of 136
INTRODUCTION
[Figure: the Trust Services framework for systems reliability. Its five principles are Security (discussed in Chapter 7), Confidentiality, Privacy, Processing Integrity, and Availability.]
CONFIDENTIALITY
• Reliable systems maintain the confidentiality of sensitive information.
[Figure: the systems reliability diagram, with Confidentiality highlighted.]
CONFIDENTIALITY
• Maintaining confidentiality requires that management identify which information is sensitive.
• Each organization will develop its own definitions of what information needs to be protected.
• Most definitions will include:
– Business plans
– Pricing strategies
– Client and customer lists
– Legal documents
• COBIT control objective PO 2.3 specifies the need to identify and to properly label potentially sensitive information, to assign responsibility for its protection, and to implement appropriate controls.
CONFIDENTIALITY
Situation      Controls
Storage        Encryption and access controls
Transmission   Encryption
Disposal       Shredding, thorough erasure, physical destruction
Overall        Categorization to reflect value and training in proper work practices
CONFIDENTIALITY
• Encryption alone is not sufficient to protect
confidentiality. Given enough time, many encryption
schemes can be broken.
• Access controls are also needed:
– To prevent unauthorized parties from obtaining the encrypted
data; and
– Because not all confidential information can be encrypted in
storage.
• Strong authentication techniques are necessary.
• Strong authorization controls should be used to limit the
actions (read, write, change, delete, copy, etc.) that
authorized users can perform when accessing
confidential information.
CONFIDENTIALITY
• Access to system outputs should also be controlled:
– Do not allow visitors to roam through buildings unsupervised.
– Require employees to log out of any application before leaving
their workstation unattended, so other employees do not have
unauthorized access.
– Workstations should use password-protected screen savers that
automatically engage when there is no activity for a specified
period.
– Access should be restricted to rooms housing printers and fax
machines.
– Reports should be coded to reflect the importance of the
information therein, and employees should be trained not to
leave reports with sensitive information laying in plain view.
CONFIDENTIALITY
• Special procedures are needed for information stored on
magnetic and optical media.
– Using built-in operating system commands to delete the
information does not truly delete it, and utility programs will often
be able to recover these files.
– De-fragmenting a disk may actually create multiple copies of a
“deleted” document.
– Consequently, special software should be used to “wipe” the
media clean by repeatedly overwriting the disk with random
patterns of data (sometimes referred to as “shredding” a disk).
– Magnetic disks and tapes can be run through devices to
demagnetize them.
– The safest alternative may be to physically destroy disks with
highly sensitive data.
CONFIDENTIALITY
• Controls to protect confidentiality must be
continuously reviewed and modified to respond
to new threats created by technological
advances.
• Many organizations now prohibit visitors from
using cell phones while touring their facilities
because of the threat caused by cameras in
these phones.
• Because these devices are easy to hide, some
organizations use jamming devices to deactivate
their imaging systems while on company
premises.
CONFIDENTIALITY
• Employee use of email and instant messaging
(IM) probably represents two of the greatest
threats to the confidentiality of sensitive
information.
– It is virtually impossible to control its distribution once
held by the recipient.
– Organizations need to develop comprehensive
policies governing the appropriate and allowable use
of these technologies for business purposes.
– Employees need to be trained on what type of
information they can and cannot share, especially
with IM.
CONFIDENTIALITY
• Many organizations are taking steps to address
the confidentiality threats created by email and
IM.
– One response is to mandate encryption of all email
with sensitive information.
– Some organizations prohibit use of freeware IM
products and purchase commercial products with
security features, including encryption.
– Users sending emails must be trained to be very
careful about the identity of their addressee.
• EXAMPLE: The organization may have two employees
named Allen Smith. It’s critical that sensitive information go
to the correct Allen Smith.
PRIVACY
• In the Trust Services framework, the privacy principle is closely related to the confidentiality principle.
[Figure: the systems reliability diagram, with Privacy highlighted.]
PRIVACY
• The Trust Services privacy framework of the AICPA and CICA lists ten internationally recognized best practices for protecting the privacy of customers’ personal information:
– Management
– Notice
  • Provides notice about its policies and practices when it collects the information or as soon as practicable thereafter.
– Choice and consent
  • Describes the choices available to individuals and obtains their consent to the collection and use of their personal information.
  • Choices may differ across countries.
    – United States—The default is “opt out,” i.e., organizations can collect personal information about customers unless the customer explicitly objects.
    – Europe—The default is “opt in,” i.e., they can’t collect the information unless customers explicitly give them permission.
– Collection
  • The organization collects only that information needed to fulfill the purposes stated in its privacy policies.
– Use and retention
  • The organization uses its customers’ personal information only according to stated policy and retains that information only as long as needed.
– Access
  • The organization provides individuals with the ability to access, review, correct, and delete the personal information stored about them.
– Disclosure to Third Parties
  • The organization discloses customers’ personal information to third parties only per stated policy and only to third parties who provide equivalent protection.
– Security
  • The organization takes reasonable steps to protect customers’ personal information from loss or unauthorized disclosure.
  • Issues that are sometimes overlooked:
    – Disposal of computer equipment
      • Should follow the suggestions presented in the section regarding the protection of confidentiality.
    – Email
      • If you send emails to a list of recipients, each recipient typically knows who the other recipients are.
      • If the email regards a private issue, e.g., perhaps it pertains to their AIDS treatment, then the privacy of all recipients has been violated.
      • One remedy might be to address the recipients on the “bcc” line of the email, rather than as ordinary addressees.
    – Release of electronic documents
      • When physical documents are exchanged, sometimes portions are blacked out (redacted) to protect privacy.
      • Similar procedures are needed for the exchange of electronic documents.
– Quality
  • The organization maintains the integrity of its customers’ personal information.
– Monitoring and enforcement
  • The organization assigns one or more employees to be responsible for assuring and verifying compliance with its stated policies.
  • Also provides for procedures to respond to customer complaints, including third-party dispute-resolution processes.
PRIVACY
• One topic of concern is cookies used on Web
sites.
– A cookie is a text file created by a Website and stored
on a visitor’s hard drive. It records what the visitor has
done on the site.
– Most Websites create multiple cookies per visit to
make it easier for visitors to navigate the site.
– Browsers can be configured to refuse cookies, but it
may make the Website inaccessible.
– Cookies are text files and cannot “do” anything other than
store information, but many people worry that they
violate privacy rights.
PRIVACY
• Steps that individuals can take to minimize the risk of
becoming a victim of identity theft include:
– Shred all documents that contain personal information,
especially unsolicited credit card offers. Cross-cut shredders are
more effective.
– Never send personally identifying information in unencrypted
email.
– Beware of email, phone, and print requests to “verify” personal
information that the requesting party should already possess.
• Credit card companies won’t ask for your security code.
• The IRS won’t email you for identifying information in
response to an audit.
– Do not carry your social security card with you or comply
with requests to reveal the last 4 digits.
– Limit the amount of identifying information preprinted on
checks and consider eliminating it.
– Do not place outgoing mail with checks or personal
information in your mailbox for pickup.
– Don’t carry more than a few blank checks with you.
– Use special software to thoroughly clean any digital media
before disposal, or physically destroy the media. It is
especially important to thoroughly erase or destroy hard
drives before donating or disposing of equipment.
– Monitor your credit reports regularly.
– File a police report as soon as you discover that your
purse or wallet was stolen.
– Make photocopies of driver’s licenses, passports, and
credit cards. Store them with phone numbers for all the
credit cards in a safe location to facilitate notifying
authorities if they are stolen.
– Immediately cancel any lost or stolen credit cards.
PRIVACY
• Consequently, organizations must carefully follow the CAN-SPAM guidelines, which include:
– The sender’s identity must be clearly displayed in the message header.
– The subject field in the header must clearly identify the message as an advertisement or solicitation.
– The body must provide recipients with a working link that can be used to “opt out” of future email.
  • Organizations have 10 days after receipt of an “opt out” request to ensure they do not send additional unsolicited email to that address.
  • Means someone must be assigned responsibility for processing these requests.
– The body must include the sender’s valid postal address.
  • Best practice (not required) would be to provide full street address, telephone, and fax numbers.
– Organizations should not:
  • Send email to randomly generated addresses.
  • Set up Websites designed to harvest email addresses of potential customers.
• Experts recommend that organizations redesign their own Websites to include a visible means for visitors to “opt in” to receive email.
PROCESSING INTEGRITY
[Figure: the systems reliability diagram, with Processing Integrity highlighted.]
output of data.
PROCESSING INTEGRITY
• Input Controls
– If the data entered into a system is inaccurate or
incomplete, the output will be, too. (Garbage in
garbage out.)
– Companies must establish control procedures to
ensure that all source documents are authorized,
accurate, complete, properly accounted for, and
entered into the system or sent to their intended
destination in a timely manner.
PROCESSING INTEGRITY
• The following input controls regulate integrity of input:
– Forms design
– Pre-numbered forms sequence test
– Turnaround documents
– Cancellation and storage of documents
  • Documents that have been entered should be canceled.
    – Paper documents are stamped “paid” or otherwise defaced.
    – A flag field is set on electronic documents.
  • Canceling documents does not mean destroying documents.
  • They should be retained as long as needed to satisfy legal and regulatory requirements.
PROCESSING INTEGRITY
• Once data is collected, data entry control procedures are needed to ensure that it’s entered correctly. Common tests to validate input include:
– Field check
  • Determines if the characters in a field are of the proper type.
  • Example: The characters in a social security field should all be numeric.
– Sign check
  • Determines if the data in a field have the appropriate arithmetic sign.
  • Example: The number of hours a student is enrolled in during a semester could not be a negative number.
– Limit check
  • Tests whether an amount exceeds a predetermined value.
  • Example: A university might use a limit check to make sure that the hours a student is enrolled in do not exceed 21.
– Range check
  • Similar to a field check, but it checks both ends of a range.
  • Example: Perhaps a wage rate is checked to ensure that it does not exceed $15 and is not lower than the minimum wage rate.
– Size (or capacity) check
  • Ensures that the data will fit into the assigned field.
  • Example: A social security number of 10 digits would not fit in the 9-digit social security field.
– Completeness check
– Validity check
  • Compares the value entered to a file of acceptable values.
  • Example: Does the state code entered for an address match one of the 50 valid state codes?
– Reasonableness test
  • Determines whether a logical relationship seems to be correct.
  • Example: A freshman with annual financial aid of $60,000 is probably not reasonable.
– Check digit verification
  • An additional digit called a check digit can be appended to account numbers, policy numbers, ID numbers, etc.
  • Data entry devices then perform check digit verification by using the original digits in the number to recalculate the check digit.
  • If the recalculated check digit does not match the digit recorded on the source document, that result suggests that an error was made in recording or entering the number.
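The data entry tests above, worked as an added example (not code from the textbook): one function runs the field, sign, limit, range, size, completeness, validity and reasonableness checks plus check digit verification over a constructed record. The record layout, the minimum wage value, the partial state-code file and the check digit scheme (a mod-10 Luhn digit; the slides name no particular scheme) are assumptions.

```python
"""Input validation tests from the slides applied to one data entry record.
Added example, not from the textbook. The record layout, the minimum wage,
the state-code file and the Luhn check-digit scheme are all assumptions."""
from decimal import Decimal

# Assumed "file of acceptable values" for the validity check (constructed, partial list).
VALID_STATE_CODES = {"AL", "AK", "AZ", "CA", "NY", "TX", "UT", "WA"}
MINIMUM_WAGE = Decimal("7.25")   # assumed lower bound for the range check
MAX_WAGE = Decimal("15.00")      # upper bound named on the slide
MAX_HOURS = 21                   # limit named on the slide
REQUIRED_FIELDS = ("ssn", "state", "hours", "wage_rate", "class_year", "aid", "account_no")


def luhn_check_digit(digits: str) -> str:
    """Recompute the mod-10 (Luhn) check digit for the payload digits (assumed scheme)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 0:           # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return str((10 - total % 10) % 10)


def validate_record(rec: dict) -> list:
    """Return (test, message) pairs for every failed test; an empty list means the record passed."""
    errors = []
    # Completeness check: every required field must be present and non-empty.
    for f in REQUIRED_FIELDS:
        if f not in rec or rec[f] in ("", None):
            errors.append(("completeness", f"missing field {f}"))
    if errors:
        return errors            # the remaining tests need the fields to exist

    ssn = str(rec["ssn"])
    if not ssn.isdigit():                        # field check: all characters numeric
        errors.append(("field", "ssn must be numeric"))
    if len(ssn) != 9:                            # size (capacity) check
        errors.append(("size", "ssn must fit a 9-digit field"))

    hours = rec["hours"]
    if hours < 0:                                # sign check
        errors.append(("sign", "hours cannot be negative"))
    if hours > MAX_HOURS:                        # limit check
        errors.append(("limit", f"hours exceed {MAX_HOURS}"))

    wage = Decimal(str(rec["wage_rate"]))
    if not (MINIMUM_WAGE <= wage <= MAX_WAGE):   # range check: both ends of the range
        errors.append(("range", f"wage {wage} outside {MINIMUM_WAGE}-{MAX_WAGE}"))

    if rec["state"] not in VALID_STATE_CODES:    # validity check against the file
        errors.append(("validity", f"unknown state code {rec['state']}"))

    # Reasonableness test: a freshman with $60,000 of annual aid is not plausible.
    if rec["class_year"] == "freshman" and rec["aid"] >= 60000:
        errors.append(("reasonableness", "freshman aid of $60,000 is not reasonable"))

    # Check digit verification: recompute from the original digits and compare.
    acct = str(rec["account_no"])
    body, recorded = acct[:-1], acct[-1]
    if not acct.isdigit() or luhn_check_digit(body) != recorded:
        errors.append(("check_digit", f"account number {acct} fails check digit"))
    return errors


# Constructed sample records: one clean, one failing most tests (its account number
# has two adjacent digits transposed, which the check digit catches).
GOOD = {"ssn": "123456789", "state": "UT", "hours": 15, "wage_rate": "12.50",
        "class_year": "sophomore", "aid": 8000, "account_no": "79927398713"}
BAD = {"ssn": "12345678A0", "state": "ZZ", "hours": -3, "wage_rate": "16.00",
       "class_year": "freshman", "aid": 60000, "account_no": "79927389713"}

if __name__ == "__main__":
    print("GOOD:", validate_record(GOOD) or "passed all tests")
    for test, msg in validate_record(BAD):
        print(f"BAD  {test:15} {msg}")
```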
PROCESSING INTEGRITY
• Additional Batch Processing Data Entry Controls
– In addition to the preceding controls, when using batch processing, the following data entry controls should be incorporated.
  • Sequence check
  • Error log
    – Records information about data input or processing errors (when they occurred, cause, when they were corrected and resubmitted).
    – Errors should be investigated, corrected, and resubmitted on a timely basis (usually with the next batch) and subjected to the same input validation routines.
    – The log should be reviewed periodically to ensure that all errors have been corrected and then used to prepare an error report, summarizing errors by record type, error type, cause, and disposition.
  • Batch totals
    – Summarize key values for a batch of input records. Commonly used batch totals include:
      • Financial totals—sums of fields that contain dollar values, such as total sales.
      • Hash totals—sums of nonfinancial fields, such as the sum of all social security numbers of employees being paid.
      • Record count—count of the number of records in a batch.
    – These batch totals are calculated and recorded when data is entered and used later to verify that all input was processed correctly.
PROCESSING INTEGRITY
• Processing Controls
– Processing controls to ensure that data is
processed correctly include:
• Data matching
• Two or more items must match before processing
can proceed.
• Example: The quantity billed on the vendor invoice
must match the quantity ordered on the purchase
order and the quantity received on the receiving
report.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart 78 of 136
PROCESSING INTEGRITY
• Processing Controls
– Processing controls to ensure that data is
processed correctly include:
• Data matching
• File labels
• External labels should be checked visually to ensure the correct and
most current files are being updated.
• There are also two important types of internal labels to be checked.
– The header record, located at the beginning of each file, contains
the file name, expiration date, and other identification data.
– The trailer record at the end of the file contains the batch totals
calculated during input.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart 79 of 136
• Batch totals should be recomputed as processing takes place.
•
•
PROCESSING INTEGRITY
These totals should be compared to the totals in the trailer record.
Discrepancies indicate processing errors, such as:
– If the recomputed record count is smaller than the original count,
• Processing Controls
one or more records were not processed.
– If the recomputed record count is larger than the original, then
–additional
Processing controls
unauthorized to ensure
transactions that
were data isor some
processed
authorized
processed transactions were
correctly processed twice.
include:
– If the discrepancy between totals is evenly divisible by 9, there
was • Data matching
probably a transposition error (two adjacent digits were
• File labels
reversed).
• Recalculation of batch totals
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart 80 of 136
PROCESSING INTEGRITY
• Processing Controls
– Processing controls to ensure that data is
processed correctly include:
• Data matching
• File labels
• Recalculation of batch totals
• Cross-footing balance test
• Compares arithmetic results produced by two different
methods to verify accuracy.
• EXAMPLE: Compute the sum of column totals in a
spreadsheet and compare it to a sum of the row totals.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart 81 of 136
PROCESSING INTEGRITY
• Processing Controls
– Processing controls to ensure that data is
processed correctly include:
• Data matching
• File labels
• Recalculation of batch totals
• Cross-footing balance test
• Write-protection mechanisms
• Protect against accidental writing over or erasing of
data files but are not foolproof.
© 2008 Prentice Hall Business Publishing Accounting Information Systems, 11/e Romney/Steinbart 82 of 136
PROCESSING INTEGRITY
• Processing Controls
– Processing controls to ensure that data is
processed correctly include:
• RFID security
• Many businesses are replacing bar codes and manual tags with radio frequency identification (RFID) tags that can store up to 128 bytes of data.
• These tags should be write-protected so that unscrupulous customers cannot change price information on merchandise.
PROCESSING INTEGRITY
•
Database systems use database administrators, data
• Processing Controls
dictionaries, and concurrent update controls to
– Processing
ensure controls
processingto ensure that data is
integrity.
• The administrator establishes and enforces
processed correctly include:
procedures for accessing and updating the database.
• Data
• Thematching
data dictionary ensures that data items are
defined and used consistently.
• File labels
• Concurrent update controls protect records from
• Recalculation of batch totals
being updated by two users simultaneously.
• Cross-footing balance
– Locks one testuntil the other has finished
user out
• Write-protection
processing. mechanisms
• Database processing integrity procedures
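The concurrent update control described above, as an added example that is not code from the text: a deterministic simulation of two users updating one record, first without any control (one update is lost) and then with a record lock that holds the second user until the first has finished. The record, the balances and the `LockedRecord` class are constructed for illustration; a real DBMS implements this with its own row or page locks.

```python
# Added example, not code from the text: lost update versus a record lock.

class LockedRecord:
    """A record whose updates must be bracketed by acquire()/release()."""
    def __init__(self, balance):
        self.balance = balance
        self.holder = None

    def acquire(self, user):
        """Grant the lock unless another user already holds it."""
        if self.holder is not None and self.holder != user:
            return False          # caller must wait and try again later
        self.holder = user
        return True

    def release(self, user):
        if self.holder == user:
            self.holder = None

def unlocked_interleaving(balance, delta_a, delta_b):
    """No concurrent update control: both users read before either writes,
    so the last writer wins and A's update is silently lost."""
    rec = LockedRecord(balance)
    read_a = rec.balance
    read_b = rec.balance
    rec.balance = read_a + delta_a
    rec.balance = read_b + delta_b    # overwrites A's update
    return rec.balance

def locked_interleaving(balance, delta_a, delta_b):
    """Same arrival order, but each user must hold the record lock while
    updating, so B is locked out until A has finished processing."""
    rec = LockedRecord(balance)
    events = []
    rec.acquire("A")
    read_a = rec.balance
    if not rec.acquire("B"):          # B arrives while A still holds the record
        events.append("B waits")
    rec.balance = read_a + delta_a
    rec.release("A")
    rec.acquire("B")                  # B now gets the lock and re-reads the balance
    events.append("B proceeds")
    rec.balance = rec.balance + delta_b
    rec.release("B")
    return rec.balance, events

if __name__ == "__main__":
    print(unlocked_interleaving(100, 50, -30))   # A's +50 is lost
    print(locked_interleaving(100, 50, -30))     # both updates applied
```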
PROCESSING INTEGRITY
• Output Controls
– Careful checking of system output
provides additional control over
processing integrity.
– Output controls include:
• User review of output
• Users carefully examine output for reasonableness,
completeness, and to assure they are the intended
recipient.
• Reconciliation procedures
• Periodically, all transactions and other system updates should be reconciled to control reports, file status/update reports, or other control mechanisms.
• Control accounts should also be reconciled to subsidiary account totals.
• External data reconciliation
• Database totals should periodically be reconciled with data maintained outside the system.
• EXAMPLE: Compare the number of employee records in the payroll file to the number in the human resources file. (Excess records in payroll suggest a “ghost” employee.)
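The payroll-to-HR reconciliation above, as an added example that is not code from the text. It goes beyond the slide's record-count comparison by also matching on employee ID, because offsetting errors (one ghost plus one unpaid employee) leave the two counts equal; both files are constructed sample data.

```python
# Added example, not code from the text: reconcile the payroll file against
# the HR master file by count and by employee identifier.
from collections import Counter

def reconcile_payroll_to_hr(payroll, hr):
    """Compare counts and identifiers; ghost candidates are paid IDs unknown to HR."""
    payroll_ids = Counter(r["emp_id"] for r in payroll)
    hr_ids = {r["emp_id"] for r in hr}
    return {
        "payroll_count": len(payroll),
        "hr_count": len(hr),
        "count_difference": len(payroll) - len(hr),
        "ghost_candidates": sorted(set(payroll_ids) - hr_ids),
        "unpaid_employees": sorted(hr_ids - set(payroll_ids)),
        "duplicate_payroll_ids": sorted(e for e, n in payroll_ids.items() if n > 1),
    }

def exceptions(report):
    """Turn the reconciliation report into exception lines for the reviewer."""
    lines = []
    if report["count_difference"]:
        lines.append(f"record counts differ by {report['count_difference']}")
    for emp in report["ghost_candidates"]:
        lines.append(f"{emp} is paid but not in HR (possible ghost employee)")
    for emp in report["unpaid_employees"]:
        lines.append(f"{emp} is in HR but not paid")
    for emp in report["duplicate_payroll_ids"]:
        lines.append(f"{emp} appears more than once in payroll")
    return lines

# Constructed files: E999 exists only in payroll, E003 only in HR, E002 is paid twice.
HR = [
    {"emp_id": "E001", "name": "A. Lee"},
    {"emp_id": "E002", "name": "B. Ng"},
    {"emp_id": "E003", "name": "C. Diaz"},
]
PAYROLL = [
    {"emp_id": "E001", "gross": 4000},
    {"emp_id": "E002", "gross": 3500},
    {"emp_id": "E002", "gross": 3500},
    {"emp_id": "E999", "gross": 5200},
]

if __name__ == "__main__":
    for line in exceptions(reconcile_payroll_to_hr(PAYROLL, HR)):
        print(line)
```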
PROCESSING INTEGRITY
• Output Controls
– In addition to using encryption to protect the confidentiality of
information being transmitted, organizations need controls to
minimize the risk of data transmission errors.
– When the receiving unit detects a data transmission error, it asks
the sending unit to re-send. Usually done automatically.
– Sometimes, the system may not be able to accomplish
automatic resubmission and will ask the sender to re-transmit
the data.
– Two basic types of data transmission controls:
• Parity checking
• Message acknowledgment techniques
• Parity checking
– Computers represent characters as a set of binary
digits (bits).
– For example, “5” is represented by the seven-bit
pattern 0000101.
– When data are transmitted some bits may be lost or
received incorrectly.
– Two basic schemes to detect these events are
referred to as even parity and odd parity.
– In either case, an additional bit is added to the digit
being transmitted.
– In even parity, the parity bit is set so that each character has an
even number of bits with the value 1.
– In odd parity, the objective is that an odd number of bits should
have the value 1.
– The pattern for 5 is 0000101. This pattern has two bits (an even
number) with a value of 1. Therefore, the parity bit that is added
would be zero if we were using even parity and 1 if we were
using odd parity.
– The receiving device performs parity checking to verify that the proper number of bits is set to one in each character received.
– Additional accuracy can be achieved with more complex parity
schemes.
• Message Acknowledgment Techniques
– A number of message acknowledgment techniques can be used to let the sender of
• When data are transmitted, the system calculates a summary statistic such as the number of bits in the message.
• The receiving unit performs the same calculation (an “echo check”) and sends the result to the sending unit.
• If the counts match, the transmission is presumed accurate.
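The parity scheme from the preceding slides and the echo check described here, as one added example that is not code from the text: the sender frames each 7-bit pattern with a parity bit and counts the bits it sends, the receiver parity-checks every frame and echoes its bit count back, and the sender compares the echo with its own count. Line noise and a dropped frame are simulated on constructed input.

```python
# Added example, not code from the text: even/odd parity framing, a receiver
# that parity-checks frames and echoes the bit count, and what each control
# does and does not catch.

def parity_bit(bits, even=True):
    """Parity bit that makes the count of 1s even (even parity) or odd (odd parity)."""
    ones = bits.count("1")
    if even:
        return "0" if ones % 2 == 0 else "1"
    return "1" if ones % 2 == 0 else "0"

def make_frame(value, even=True):
    """7-bit pattern plus parity bit: 5 -> '0000101' + '0' under even parity."""
    bits = format(value, "07b")
    return bits + parity_bit(bits, even)

def parity_ok(frame, even=True):
    return frame.count("1") % 2 == (0 if even else 1)

def flip_bits(frames, index, positions):
    """Simulated line noise: invert the given bit positions in one frame."""
    frame = list(frames[index])
    for p in positions:
        frame[p] = "1" if frame[p] == "0" else "0"
    out = list(frames)
    out[index] = "".join(frame)
    return out

def receive(frames, even=True):
    """Receiver side: parity-check every frame, then echo the total bit count."""
    bad = [i for i, f in enumerate(frames) if not parity_ok(f, even)]
    return {"bad_frames": bad, "echo_bit_count": sum(len(f) for f in frames)}

def exchange(values, even=True, noise=None, drop=None):
    """Sender builds frames and counts bits; the receiver's echo is compared with that count.
    noise=(frame_index, [bit_positions]) flips bits; drop=index loses a whole frame."""
    sent = [make_frame(v, even) for v in values]
    sent_bits = sum(len(f) for f in sent)
    received = list(sent)
    if noise is not None:
        received = flip_bits(received, *noise)
    if drop is not None:
        del received[drop]
    ack = receive(received, even)
    return {"parity_errors": ack["bad_frames"],
            "echo_matches": ack["echo_bit_count"] == sent_bits}

if __name__ == "__main__":
    print(make_frame(5), make_frame(5, even=False))
    print(exchange([5, 7], noise=(0, [2])))       # one flipped bit: parity catches it
    print(exchange([5, 7], noise=(0, [2, 3])))    # two flipped bits: parity misses it
    print(exchange([5, 7], drop=1))               # lost frame: echo count catches it
```

A single flipped bit trips the parity check, two flipped bits in the same character do not, and a lost frame passes every parity check but fails the echo count; that is why the slides treat the two controls as complementary.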
AVAILABILITY
including:
– Hardware and software failures
– COBIT control objective DS 13.5 identifies the need for preventive maintenance. Examples:
• Cleaning disk drives
• Properly storing magnetic and optical media
– Surge protection devices provide protection against temporary power fluctuations.
– Use of redundant components can provide fault tolerance, which enables the system to continue functioning despite failure of a component. Examples of redundant components:
• Dual processors
• Arrays of multiple hard drives.
AVAILABILITY
• COBIT control objectives DS 12.1 and 12.4
address the importance of proper location and
design of rooms housing mission-critical servers
and databases.
– Raised floors protect from flood damage.
– Fire protection and suppression devices reduce
likelihood of fire damage.
– Adequate air conditioning reduces likelihood of
damage from over-heating or humidity.
– Cables with special plugs that cannot be easily
removed reduce risk of damage due to accidentally
unplugging.
• Training is especially important.
– Well-trained operators are less likely to make mistakes and more able to recover if they do.
– Security awareness training, particularly concerning safe email and Web-browsing practices, can reduce risk of virus and worm infection.
• COBIT control objective DS 13.1 stresses the importance of defining and documenting operational procedures and ensuring that operations staff understand their responsibilities.
• Anti-virus software should be installed, run, and kept current.
• Email should be scanned for viruses at both the server and desktop levels.
• Newly acquired software and disks, CDs, or DVDs should be scanned and tested first on a machine that is isolated from the main network.
• Backups are retained for only a fixed period of time.
• Tape or disk? Disk backup is faster and disks are less easily lost. Tape, however, is cheaper, easier to transport, and more durable. Many organizations use both. Data is first backed up to disk, for speed, and then transferred to tape.
• An archive is a copy of a database, master file, or software that will be retained indefinitely as an historical record, usually to satisfy legal and regulatory requirements. Archives are usually stored on tape.
• Multiple copies of archives should be made and stored in different locations.
• Appropriate security controls should also be applied to these files.
• Special attention should be paid to email,
because it has become an important archive of
organizational behavior and information.
• Access to email is often important when
companies are embroiled in lawsuits.
• Organizations may be tempted to adopt a policy
of periodically deleting all email to prevent a
plaintiff’s attorney from finding a “smoking gun.”
• Infrastructure Replacement
– Major disasters can totally destroy an organization’s information processing center or make it inaccessible.
– A key component of disaster recovery and business continuity plans incorporates provisions for replacing the necessary computing infrastructure, including:
• Computers
• Network equipment and access
• Telephone lines
• Office equipment
• Supplies
– It may even be necessary to hire temporary staff.
• How much time can the organization afford to be without its information system? The recovery time objective (RTO) represents the time following a disaster by which the organization’s information system must be available again.
• Organizations have three basic options for replacing computer and networking equipment.
– Reciprocal agreements
• The least expensive approach.
• The organization enters into an agreement with another organization that uses similar equipment to have temporary access to and use of their information system resources in the event of a disaster.
• Effective solutions for disasters of limited duration and magnitude, especially for small organizations.
• Not optimal in major disasters as:
– The host organization may also be affected.
– The host also needs the resources.
• Documentation
– An important and often overlooked component.
Should include:
• The disaster recovery plan itself, including instructions for
notifying appropriate staff and the steps to resume operation,
needs to be well documented.
• Assignment of responsibility for the various activities.
• Vendor documentation of hardware and software.
• Documentation of modifications made to the default
configuration (so replacement will have the same
functionality).
• Detailed operating instructions.
– Copies of all documentation should be stored both on-
site and off-site.
• Testing
– Periodic testing and revision is probably the
most important component of effective
disaster recovery and business continuity
plans.
• Most plans fail their initial test, because it’s
impossible to anticipate everything that could go
wrong.
• The time to discover these problems is before the
actual emergency and in a setting where the
weaknesses can be carefully analyzed and
appropriate changes made.
• Brainstorming sessions involving mock
scenarios can be effective in identifying gaps
and shortcomings.
– More realistic and detailed simulations or drills should
also be performed, although not to the expense of
completely performing every activity.
– Experts recommend testing individual components of
the plans separately, because it is too difficult and
costly to simulate and analyze every aspect
simultaneously.
• The plan documentation needs to be updated to
reflect any changes in procedure made in
response to problems identified during testing.
• Insurance
– Organizations should acquire adequate
insurance coverage to defray part or all of the
expenses associated with implementing their
disaster recovery and business continuity
plans.
CHANGE MANAGEMENT CONTROLS
SUMMARY