CHAPTER 9: OVERVIEW OF APPLICATION CONTROLS (INTEGRITY)
In addition to reviewing general arrangements for IT, the IRM manager/auditor may be asked to look at the controls within a specific application system (e.g. payroll, sales, ERP). Consider a nice, simple system. We own a shop and want to know how much stock it contains so we request a stock take. How do we know that the stock level shown on the stock take is correct? It will be correct if:
• actual stock has been independently verified/counted.
• we include every line and item of stock.
• the prices shown for each line are accurate and realistic.
• the calculation of total values is correct.
• we only include those items we own (for example, not including items we ...