This article throws light upon the three parameters for the evaluation of internal control system. The parameters are: 1. Administrative Controls 2. System Development Controls 3. Procedural Controls.
Internal Control System Evaluation: Parameter # 1. Administrative Controls:
(A) Division of responsibilities—between the sections like:
(b) Data preparation,
(c) Computer operation,
(d) File library, and
(B) Control over Computer Operators—by the use of:
(a) Administrative procedure manuals,
(b) Work schedules and
(c) Rotation of duties, eta.
(C) File Control—in respect of issue of programmes and documentation.
File Identification Procedures—by using:
(a) Visible reference numbers,
(b) Protection rings, and
(c) Header label checks on set-up, etc.
(d) File Reconstruction Procedures.
(e) Fire Precaution and Stand-by Arrangement.
Internal Control System Evaluation: Parameter # 2. System Development Controls:
(A) Standard Procedure and Documentation—in respect of:
(a) Flow charts and Block diagrams,
(b) Input and output data description,
(c) File record layouts,
(d) Output distribution, etc.
(B) System and Programme Test—by means of:
(a) Processing the test data,
(b) Pilot running,
(c) Desk checking,
(d) Processing with test data, etc.
(C) File Conversion—that is, checking the contents of Master files.
(D) Acceptance and Authorisation Procedure at the following stages in development:
(a) Completion of outline system report,
(b) Completion of system specification,
(c) Completion of programme and systems testing,
(d) Accepting new system into operational use.
(E) Systems and Programme Amendments—to ensure that all changes are brought to the knowledge of all concerned, including user department.
Internal Control System Evaluation: Parameter # 3. Procedural Controls:
(A) Input Controls:
Establishment of Control over:
(ii) Sequence checks, and
(iii) Data fields that contain significant reference data (for example, check digit verification and matching with master file records).
(B) Input Controls:
Verification of Conversion to ensure correction of all errors.
(C) Input Control:
Authorisation of Input.
(D) Processing Controls:
To ensure that all rejections are definitely and promptly reprocessed.
(E) Output Controls:
General—to ensure that the print-outs contain sufficient information to—(a) Trace out source documents and (b) Verify computer-generated calculations and totals. This is designed to ascertain whether an ‘audit trail’ exists.
(F) Output Controls:
Related to Input—to ensure that the data printed out are complete and accurate.
(G) Output Controls:
(H) Output Controls:
Distribution of Output—to ensure that the user department has received all print-outs intact.
(I) Master File Controls:
Amendments of standing data: The system should ensure that all amendments are processed by—control totals and retention of copies.
(J) Master File Controls:
Maintenance of Standing data—The system should verify the standing data by (a) Print-outs of individual items for checking with external information, and (b) Print-outs of totals for reconciliation either independently or with computer-established records of totals.
(K) Master File Controls:
Maintenance of Transaction data—the system should verify the transaction data on the file on a total basis by Print-outs of totals for reconciliation either independently or with computer established records of totals.