Page 1
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 1/59
©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 7-
AccountingInformation
Systems9th Edition
Marshall B. Romney
Paul John Steinbart
Page 2
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 2/59
©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 7-2
Comuter!Based Information
Systems Controls
Chater "
Page 3
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 3/59
#$%%& Prentice 'all BusinessPublishing(
"!&
*earning +b,ecti-es
. /escribe the threats to an AIS and
discuss 0hy these threats are
gro0ing.$. E1lain the basic concets of control
as alied to business organi2ations.
&. /escribe the ma,or elements in thecontrol en-ironment of a business
organi2ation.
Page 4
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 4/59
#$%%& Prentice 'all BusinessPublishing(
"!3
*earning +b,ecti-es( continued
3. /escribe control olicies and rocedures
commonly used in business organi2ations.
4.
E-aluate a system of internal accountingcontrol( identify its deficiencies( and
rescribe modifications to remedy those
deficiencies.
5. Conduct a cost!benefit analysis forarticular threats( e1osures( ris6s( and
controls.
Page 5
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 5/59
#$%%& Prentice 'all BusinessPublishing(
"!4
Introduction
Jason Scott has been hired as an
internal auditor for 7orth0est
Industries( a di-ersified forestroducts comany.
'e is assigned to audit Sringer8s
*umber Suly( 7orth0est8s
building materials outlet in Montana.
Page 6
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 6/59
#$%%& Prentice 'all BusinessPublishing(
"!5
Introduction
'is suer-isor( Maria Pilier( has as6ed himto trace a samle of urchase transactionsto -erify that roer control rocedures 0ere
follo0ed. Jason becomes frustrated 0ith thistas6. :hy is Jason frustrated;
<he urchasing system is oorly
documented.'e 6ees finding transactions that ha-e not
been rocessed as Ed =ates( the accountsayable manager( said they should be.
Page 7
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 7/59
#$%%& Prentice 'all BusinessPublishing(
"!"
Introduction
Jason8s frustrations( continued Some -endor in-oices ha-e been aid 0ithout suorting
documents. Purchase re>uisitions are missing for se-eral items that had
been authori2ed by Bill Sringer( urchasing -.. Prices charged for some items seem unusually high. Sringer8s is the largest sulier in the area and has a near
monooly. Management authority is concentrated in the comany
resident( Joe Sringer( and his sons Bill( the urchasing
-..( and <ed( the controller. Maria feels that <ed may ha-e engaged in ?creati-e
accounting.@
Page 8
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 8/59
#$%%& Prentice 'all BusinessPublishing(
"!
Introduction
Jason onders the follo0ing issuesShould he describe the unusual
transactions in his reort;Is a -iolation of roer control
rocedures accetable if it has beenauthori2ed by management;
Regarding Jason8s assignment( doeshe ha-e a rofessional or ethicalresonsibility to get in-ol-ed;
Page 9
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 9/59
#$%%& Prentice 'all BusinessPublishing(
"!9
Introduction
<his chater discusses the tyes of
threats a comany faces.
It also resents the fi-e interrelatedcomonents of the Committee of
Sonsoring +rgani2ations C+S+8sD
internal control model.
Page 10
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 10/59
#$%%& Prentice 'all BusinessPublishing(
"!%
*earning +b,ecti-e
/escribe the threats to an AIS and
discuss 0hy these threats are
gro0ing.
Page 11
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 11/59
#$%%& Prentice 'all BusinessPublishing(
"!
<hreats to Accounting
Information Systems
:hat are e1amles of natural and
political disasters;
fire or e1cessi-e heat floods
earth>ua6es
high 0inds 0ar
Page 12
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 12/59
#$%%& Prentice 'all BusinessPublishing(
"!$
<hreats to Accounting
Information Systems
:hat are e1amles of software errors
and equipment malfunctions;
hard0are failures o0er outages and fluctuations
undetected data transmission errors
Page 13
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 13/59
#$%%& Prentice 'all BusinessPublishing(
"!&
<hreats to Accounting
Information Systems
:hat are e1amles of unintentionalacts;
accidents caused by humancarelessness
innocent errors of omissions
lost or mislaced data
logic errors systems that do not meet comany
needs
Page 14
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 14/59
#$%%& Prentice 'all BusinessPublishing(
"!3
<hreats to Accounting
Information Systems
:hat are e1amles of intentional
acts;
sabotage comuter fraud
embe22lement
Page 15
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 15/59
#$%%& Prentice 'all BusinessPublishing(
"!4
:hy are AIS <hreats
Increasing;
Increasing numbers of client)ser-er systemsmean that information is a-ailable to anunrecedented number of 0or6ers.
Because *A7s and client)ser-er systemsdistribute data to many users( they areharder to control than centrali2edmainframe systems.
:A7s are gi-ing customers and suliersaccess to each other8s systems and data(ma6ing confidentiality a concern.
Page 16
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 16/59
#$%%& Prentice 'all BusinessPublishing(
"!5
*earning +b,ecti-e $
E1lain the basic concets
of control as alied tobusiness organi2ations.
Page 17
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 17/59
#$%%& Prentice 'all BusinessPublishing(
"!"
+-er-ie0 of Control
Concets
:hat is the traditional definition of internal
control;
Internal control is the plan of organization
and the methods a business uses to
safeguard assets, provide accurate and
reliable information, promote and improve
operational efficiency, and encourage
adherence to prescribed managerial
policies.
Page 18
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 18/59
#$%%& Prentice 'all BusinessPublishing(
"!
+-er-ie0 of Control
Concets
:hat is management control; Management control encomasses the
follo0ing three features
It is an integral art of managementresonsibilities.
$ It is designed to reduce errors(irregularities( and achie-e organi2ational
goals.& It is ersonnel!oriented and see6s to hel
emloyees attain comany goals.
Page 19
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 19/59
#$%%& Prentice 'all BusinessPublishing(
"!9
Internal Control
Classifications
<he secific control rocedures used in the
internal control and management control
systems may be classified using the
follo0ing four internal control classifications
Pre-enti-e( detecti-e( and correcti-e controls
$ Feneral and alication controls
&
Administrati-e and accounting controls3 Inut( rocessing( and outut controls
Page 20
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 20/59
#$%%& Prentice 'all BusinessPublishing(
"!$%
<he Goreign Corrut
Practices Act
In 9""( Congress incororated language
from an AICPA ronouncement into the
Goreign Corrut Practices Act.
<he rimary urose of the act 0as to
re-ent the bribery of foreign officials in
order to obtain business.
A significant effect of the act 0as to re>uirecororations to maintain good systems of
internal accounting control.
Page 21
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 21/59
#$%%& Prentice 'all BusinessPublishing(
"!$
Committee of Sonsoring
+rgani2ations
<he Committee of Sonsoring
+rgani2ations C+S+D is a ri-ate sector
grou consisting of fi-e organi2ations
American Accounting Association
$ American Institute of Certified Public
Accountants
& Institute of Internal Auditors
3 Institute of Management Accountants
4 Ginancial E1ecuti-es Institute
Page 22
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 22/59
#$%%& Prentice 'all BusinessPublishing(
"!$$
Committee of Sonsoring
+rgani2ations
In 99$( C+S+ issued the results of a
study to de-elo a definition of
internal controls and to ro-ideguidance for e-aluating internal
control systems.
<he reort has been 0idely acceted
as the authority on internal controls.
Page 23
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 23/59
#$%%& Prentice 'all BusinessPublishing(
"!$&
Committee of Sonsoring
+rgani2ations
<he C+S+ study defines internal controlas the rocess imlemented by theboard of directors( management( and
those under their direction to ro-idereasonable assurance that controlob,ecti-es are achie-ed 0ith regard to effecti-eness and efficiency of oerations
reliability of financial reorting comliance 0ith alicable la0s and
regulations
Page 24
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 24/59
#$%%& Prentice 'all BusinessPublishing(
"!$3
Committee of Sonsoring
+rgani2ations
C+S+8s internal control model has
fi-e crucial comonents
Control en-ironment$ Control acti-ities
& Ris6 assessment
3 Information and communication4 Monitoring
Page 25
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 25/59
#$%%& Prentice 'all BusinessPublishing(
"!$4
Information Systems Audit
and Control Goundation
<he Information Systems Audit and Control
Goundation ISACGD recently de-eloed the
Control +b,ecti-es for Information and
related <echnology C+BI<D.
C+BI< consolidates standards from &5
different sources into a single frame0or6.
<he frame0or6 addresses the issue ofcontrol from three -antage oints( or
dimensions
Page 26
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 26/59
#$%%& Prentice 'all BusinessPublishing(
"!$5
Information Systems Audit
and Control Goundation
Information needs to conform to certain
criteria that C+BI< refers to as business
re>uirements for information
$ I< resources eole( alication systems(
technology( facilities( and data
& I< rocesses lanning and organi2ation(
ac>uisition and imlementation( deli-eryand suort( and monitoring
Page 27
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 27/59
#$%%& Prentice 'all BusinessPublishing(
"!$"
*earning +b,ecti-e &
/escribe the ma,or
elements in the controlen-ironment of a
business organi2ation.
Page 28
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 28/59
#$%%& Prentice 'all BusinessPublishing(
"!$
<he Control En-ironment
<he first comonent of C+S+8s internal
control model is the control en-ironment.
<he control en-ironment consists of many
factors( including the follo0ing
Commitment to integrity and ethical -alues
$ Management8s hilosohy and oerating
style& +rgani2ational structure
Page 29
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 29/59
#$%%& Prentice 'all BusinessPublishing(
"!$9
<he Control En-ironment
3 <he audit committee of the board of
directors
4
Methods of assigning authority andresonsibility
5 'uman resources olicies and
ractices
" E1ternal influences
Page 30
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 30/59
#$%%& Prentice 'all BusinessPublishing(
"!&%
*earning +b,ecti-e 3
/escribe control
olicies and rocedures
commonly used in
business organi2ations.
Page 31
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 31/59
#$%%& Prentice 'all BusinessPublishing(
"!&
Control Acti-ities
<he second comonent of C+S+8s
internal control model is control
acti-ities. Fenerally( control rocedures fall into
one of fi-e categories
Proer authori2ation of transactions
and acti-ities
$ Segregation of duties
Page 32
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 32/59
#$%%& Prentice 'all BusinessPublishing(
"!&$
Control Acti-ities
& /esign and use of ade>uate
documents and records
3
Ade>uate safeguards of assets andrecords
4 Indeendent chec6s on erformance
Page 33
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 33/59
#$%%& Prentice 'all BusinessPublishing(
"!&&
Proer Authori2ation of
<ransactions and Acti-ities
Authorization is the emo0ermentmanagement gi-es emloyees toerform acti-ities and ma6e decisions.
Digital signature or fingerrint is ameans of signing a document 0ith aiece of data that cannot be forged.
Specific authorization is the grantingof authori2ation by management forcertain acti-ities or transactions.
Page 34
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 34/59
#$%%& Prentice 'all BusinessPublishing(
"!&3
Segregation of /uties
Food internal control demands that no
single emloyee be gi-en too much
resonsibility. An emloyee should not be in a
osition to eretrate and conceal
fraud or unintentional errors.
Page 35
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 35/59
#$%%& Prentice 'all BusinessPublishing(
"!&4
Segregation of /uties
Recording Functions
Preparing source documents
Maintaining journals
Preparing reconciliations
Preparing performance reports
Custodial Functions
Handling cash
Handling assets
Writing checksReceiving checks in mail Authorization Functions
Authorization of
transactions
Page 36
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 36/59
#$%%& Prentice 'all BusinessPublishing(
"!&5
Segregation of /uties
If t0o of these three functions are the
resonsibility of a single erson( roblems
can arise.
Segregation of duties re-ents emloyees
from falsifying records in order to conceal
theft of assets entrusted to them.
Pre-ent authori2ation of a fictitious orinaccurate transaction as a means of
concealing asset thefts.
Page 37
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 37/59
#$%%& Prentice 'all BusinessPublishing(
"!&"
Segregation of /uties
Segregation of duties re-ents an
emloyee from falsifying records to
co-er u an inaccurate or falsetransaction that 0as inaroriately
authori2ed.
Page 38
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 38/59
#$%%& Prentice 'all BusinessPublishing(
"!&
/esign and Hse of Ade>uate
/ocuments and Records
<he roer design and use of
documents and records hels ensure
the accurate and comlete recordingof all rele-ant transaction data.
/ocuments that initiate a transaction
should contain a sace for
authori2ation.
Page 39
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 39/59
#$%%& Prentice 'all BusinessPublishing(
"!&9
/esign and Hse of Ade>uate
/ocuments and Records
<he follo0ing rocedures safeguard assetsfrom theft( unauthori2ed use( and-andalism
effecti-ely suer-ising and segregatingduties
maintaining accurate records of assets(including information
restricting hysical access to cash and aerassets
ha-ing restricted storage areas
Page 40
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 40/59
#$%%& Prentice 'all BusinessPublishing(
"!3%
Ade>uate Safeguards of
Assets and Records
:hat can be used to safeguardassets; cash registers
safes( loc6bo1es
safety deosit bo1es
restricted and fireroof storage areas
controlling the en-ironment restricted access to comuter rooms(
comuter files( and information
Page 41
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 41/59
#$%%& Prentice 'all BusinessPublishing(
"!3
Indeendent Chec6s
on Performance
Indeendent chec6s ensure that
transactions are rocessed accurately are
another imortant control element.
Page 42
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 42/59
#$%%& Prentice 'all BusinessPublishing(
"!3$
Indeendent Chec6s
on Performance
:hat are -arious tyes of
indeendent chec6s;
reconciliation of t0o indeendentlymaintained sets of records
comarison of actual >uantities 0ith
recorded amounts
double!entry accounting batch totals
Page 43
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 43/59
#$%%& Prentice 'all BusinessPublishing(
"!3&
Indeendent Chec6s
on Performance
Gi-e batch totals are used in comuter
systems
A financial total is the sum of a dollarfield.
$ A hash total is the sum of a field that
0ould usually not be added.
Page 44
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 44/59
#$%%& Prentice 'all BusinessPublishing(
"!33
Indeendent Chec6s
on Performance
& A record count is the number of
documents rocessed.
3
A line count is the number of lines ofdata entered.
4 A cross!footing balance test comares
the grand total of all the ro0s 0ith the
grand total of all the columns to chec6that they are e>ual.
Page 45
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 45/59
#$%%& Prentice 'all BusinessPublishing(
"!34
*earning +b,ecti-e 4
E-aluate a system of
internal accounting
control( identify itsdeficiencies( and rescribe
modifications to remedythose deficiencies.
Page 46
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 46/59
#$%%& Prentice 'all BusinessPublishing(
"!35
Ris6 Assessment
<he third comonent of C+S+8s internal
control model is ris6 assessment.
Comanies must identify the threats they
face
strategic doing the 0rong thing
financial ha-ing financial resources lost(
0asted( or stolen
information faulty or irrele-ant
information( or unreliable systems
Page 47
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 47/59
#$%%& Prentice 'all BusinessPublishing(
"!3"
Ris6 Assessment
Comanies that imlement electronic
data interchange E/ID must identify
the threats the system 0ill face( suchas
Choosing an inaroriate technology
$ Hnauthori2ed system access
& <aing into data transmissions
3 *oss of data integrity
Page 48
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 48/59
#$%%& Prentice 'all BusinessPublishing(
"!3
Ris6 Assessment
4 Incomlete transactions
5 System failures
" Incomatible systems
Page 49
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 49/59
#$%%& Prentice 'all BusinessPublishing(
"!39
Ris6 Assessment
Some threats ose a greater ris6
because the robability of their
occurrence is more li6ely. Gor
e1amle A comany is more li6ely to be the
-ictim of a comuter fraud rather than
a terrorist attac6. Ris6 and e1osure must be
considered together.
Page 50
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 50/59
#$%%& Prentice 'all BusinessPublishing(
"!4%
*earning +b,ecti-e 5
Conduct a cost!benefit
analysis for articular
threats( e1osures(
ris6s( and controls.
Page 51
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 51/59
#$%%& Prentice 'all BusinessPublishing(
"!4
Estimate Cost and Benefits
7o internal control system can ro-ide
foolroof rotection against all internal
control threats. <he cost of a foolroof system 0ould
be rohibiti-ely high.
+ne 0ay to calculate benefits in-ol-es
calculating e1ected loss.
Page 52
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 52/59
#$%%& Prentice 'all BusinessPublishing(
"!4$
Epected loss ! risk " eposure
Estimate Cost and Benefits
<he benefit of a control rocedure is
the difference bet0een the e1ected
loss 0ith the control roceduresD andthe e1ected loss 0ithout it.
Page 53
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 53/59
#$%%& Prentice 'all BusinessPublishing( "!4&
Information and
Communication
<he fourth comonent of C+S+8s
internal control model is information
and communication.
Page 54
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 54/59
#$%%& Prentice 'all BusinessPublishing( "!43
Information and
Communication
Accountants must understand the follo0ing 'o0 transactions are initiated
$ 'o0 data are catured in machine!readable
form or con-erted from source documents& 'o0 comuter files are accessed and
udated
3 'o0 data are rocessed to reare
information4 'o0 information is reorted
5 'o0 transactions are initiated
Page 55
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 55/59
#$%%& Prentice 'all BusinessPublishing( "!44
Information and
Communication
All of these items ma6e it ossible for thesystem to ha-e an audit trail.
An audit trail e1ists 0hen indi-idual
comany transactions can be tracedthrough the system.
Page 56
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 56/59
#$%%& Prentice 'all BusinessPublishing( "!45
Monitoring Performance
<he fifth comonent of C+S+8s
internal control model is monitoring.
:hat are the 6ey methods ofmonitoring erformance;
effecti-e suer-ision
resonsibility accounting
internal auditing
Page 57
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 57/59
Page 58
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 58/59
#$%%& Prentice 'all BusinessPublishing( "!4
Case Conclusion
+ne of the Sringers held a significant
o0nershi interest in each of these three
comanies.
<hey also found e-idence that se-eral of
Sringer8s emloyees 0ere aid for more
hours than documented by time6eeing(
and that in-entories 0ere o-erstated.
7orth0est settled the case 0ith the
Sringers.
Page 59
7/23/2019 AIS07Computer-Based Information Systems Controls
http://slidepdf.com/reader/full/ais07computer-based-information-systems-controls 59/59
End of Chapter 7