CHAPTER 9: OVERVIEW OF APPLICATION CONTROLS (INTEGRITY)
Introduction
In addition to reviewing general arrangements for IT, the IRM manager/auditor may be asked to look at the controls within a specific application system (e.g. payroll, sales, ERP). Consider a nice, simple system. We own a shop and want to know how much stock it contains so we request a stock take. How do we know that the stock level shown on the stock take is correct? It will be correct if:
• actual stock has been independently verified/counted.
• we include every line and item of stock.
• the prices shown for each line are accurate and realistic.
• the calculation of total values is correct.
• we only include those items we own (for example, not including items we ...
Get Fundamentals of Information Risk Management Auditing: An introduction for managers and auditors now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.