This article throws light upon the three parameters for the evaluation of internal control system. The parameters are: 1. Administrative Controls 2. System Development Controls 3. Procedural Controls.
Internal Control System Evaluation: Parameter # 1. Administrative Controls:
(A) Division of responsibilities—between the sections like:
(a) Development,
(b) Data preparation,
ADVERTISEMENTS:
(c) Computer operation,
(d) File library, and
(c) Control.
(B) Control over Computer Operators—by the use of:
ADVERTISEMENTS:
(a) Administrative procedure manuals,
(b) Work schedules and
(c) Rotation of duties, eta.
(C) File Control—in respect of issue of programmes and documentation.
ADVERTISEMENTS:
File Identification Procedures—by using:
(a) Visible reference numbers,
(b) Protection rings, and
(c) Header label checks on set-up, etc.
ADVERTISEMENTS:
(d) File Reconstruction Procedures.
(e) Fire Precaution and Stand-by Arrangement.
Internal Control System Evaluation: Parameter # 2. System Development Controls:
(A) Standard Procedure and Documentation—in respect of:
(a) Flow charts and Block diagrams,
ADVERTISEMENTS:
(b) Input and output data description,
(c) File record layouts,
(d) Output distribution, etc.
(B) System and Programme Test—by means of:
ADVERTISEMENTS:
(a) Processing the test data,
(b) Pilot running,
(c) Desk checking,
(d) Processing with test data, etc.
ADVERTISEMENTS:
(C) File Conversion—that is, checking the contents of Master files.
(D) Acceptance and Authorisation Procedure at the following stages in development:
(a) Completion of outline system report,
(b) Completion of system specification,
(c) Completion of programme and systems testing,
(d) Accepting new system into operational use.
ADVERTISEMENTS:
(E) Systems and Programme Amendments—to ensure that all changes are brought to the knowledge of all concerned, including user department.
Internal Control System Evaluation: Parameter # 3. Procedural Controls:
(A) Input Controls:
Establishment of Control over:
(i) Procedures,
(ii) Sequence checks, and
(iii) Data fields that contain significant reference data (for example, check digit verification and matching with master file records).
(B) Input Controls:
Verification of Conversion to ensure correction of all errors.
(C) Input Control:
Authorisation of Input.
(D) Processing Controls:
To ensure that all rejections are definitely and promptly reprocessed.
(E) Output Controls:
General—to ensure that the print-outs contain sufficient information to—(a) Trace out source documents and (b) Verify computer-generated calculations and totals. This is designed to ascertain whether an ‘audit trail’ exists.
(F) Output Controls:
Related to Input—to ensure that the data printed out are complete and accurate.
(G) Output Controls:
Exception Reports
(H) Output Controls:
Distribution of Output—to ensure that the user department has received all print-outs intact.
(I) Master File Controls:
Amendments of standing data: The system should ensure that all amendments are processed by—control totals and retention of copies.
(J) Master File Controls:
Maintenance of Standing data—The system should verify the standing data by (a) Print-outs of individual items for checking with external information, and (b) Print-outs of totals for reconciliation either independently or with computer-established records of totals.
(K) Master File Controls:
Maintenance of Transaction data—the system should verify the transaction data on the file on a total basis by Print-outs of totals for reconciliation either independently or with computer established records of totals.