APPLICATION SOFTWARE AND APPLICATION CONTROLS (STUDY OBJECTIVE 5)

Applications software accomplishes end user tasks such as word processing, spreadsheets, database maintenance, and accounting functions. All application software runs on top of the operating system software and uses the basic input, output, and data storage functions of the operating system. Any accounting software is considered application software. Application software represents another entry point through which unauthorized users or hackers could gain access. As is true of the eight exposure areas described so far, the application software has security, confidentiality, availability, and processing integrity risks. Many of the general controls listed in Exhibit 4-5 can help minimize those risks. For example, authentication of the user through user IDs and passwords can reduce the chance of unauthorized access. Application software processes inputs into accounting information and therefore carries specific processing integrity risks not inherent in the eight previous IT components described. The specific processing risks are inaccurate, incomplete, or unsecure data as it is input, is processed, or becomes output. Another risk of application software is the addition and processing of unauthorized transactions. For these specific risks, application controls should be part of accounting applications.

Many of the general controls in Exhibit 4-5 can help limit access to application software; specific application controls ...

Get Accounting Information Systems: The Processes and Controls, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.