Input Controls
Data that is presented to an application as input data must be validated for authorization, reasonableness, completeness, and integrity. Several controls must be implemented to ensure these points.
Input Authorization
All data that is input into a system must be authorized by management. The method of authorization can take many forms:
• User access controls Only approved personnel, such as system operators, input clerks, business analysts, and customer service representatives, are permitted to log in and use applications. Each user must have unique login credentials.
• Entity access controls Only authorized organizations are permitted to log in and access business applications. Entities in each such organization (including ...
Get CISA Certified Information Systems Auditor All-in-One Exam Guide, Fourth Edition, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.