Page 1 of 15
CHAPTER 10
INFORMATION SYSTEMS CONTROLS FOR SYSTEMS RELIABILITY
Instructor’s Manual
Learning Objectives:
1. Identify and explain controls designed to ensure processing
integrity.
Processing Integrity
Table 10-1 on page 275 groups six categories of application
controls as they apply to input, processing, or output of data.
The AC is Access Controls.
Input Controls
As the old saying goes: “garbage in, garbage out.”
The quality of data that is collected about business activities
and entered into the information system is vital.
The following source data controls regulate the integrity
of input:
1. Forms Design. Source documents and other forms should
be designed to help ensure that errors and omissions
are minimized.
2. Cancellation and Storage of Documents. Documents that
have been entered into the system should be cancelled
3. Authorization and Segregation of Duties. Source
4. Visual Scanning. Source documents should be scanned
for reasonableness and propriety before being entered
into the system.
Data Entry Controls
The following tests are used to validate input data:
1. A Field Check determines if the characters in a
field are of the proper type.
4. A Range Check is similar to a limit check except
that it has both upper and lower limits.
5. A Size Check ensures that the input data will fit
into the assigned field.
8. A Reasonableness Test determines the correctness of
the logical relationship between two data items.
9. Check Digit Verification. Authorized ID numbers
(such as an employee number) can contain a check
digit that is computed from the other digits. For
example, the system could assign each new employee a
Additional Batch Processing Data Entry Controls:
1. Batch processing works correctly only if the transactions
2. Information about data input or data processing errors
3. Batch Totals. Three commonly used batch totals are:
▪ A Financial Total sums a field that contains
dollar values, such as the total dollar amount of
all sales for a beach of sales transactions.
Additional Online Data Entry Controls
Whenever possible, the system should automatically enter
transaction data, which saves keying time and reduces
errors.
Other online processing data entry controls include:
1. Prompting, in which the system requests each input
2. Preformatting, in which the system displays a
3. Closed-Loop Verification checks the accuracy of input
4. Creation of a transaction log that includes a
detailed record of all transaction data; a unique
transaction was entered.
5. Error messages should indicate when an error has
occurred, which items are in error, and what the
operator should do to correct it.
Processing Controls
Controls are also needed to ensure that data is processed
correctly
1. Data Matching. In certain cases, two or more items of
data must be matched before an action can take place.
2. File Labels. File labels need to be checked to ensure
that the correct and most current files are being
updated.
Two important types of internal labels are
header and trailer records.
3. Recalculation of Batch Totals. Batch totals can be
recomputed as each transaction record is processed
4. Cross-Footing and Zero-Balance Test. Often totals can
be calculated in multiple ways. For example, in
spreadsheets a grand total can often be computed
either by summing a column of row totals or by
5. Write-Protection Mechanisms. These protect against
the accidental writing over or erasing of data files
stored on magnetic media.
6. Database Processing Integrity Procedures. Database
systems use database administrators, data
dictionaries, and concurrent update controls to
ensure processing integrity. The administrator
Output Controls
Careful checking of system output provides additional control
over processing integrity. Important output controls include:
1. User review of output. Users should carefully examine
system output for reasonableness, completeness, and
that they are the intended recipient.
2. Reconciliation procedures. Periodically, all
transactions and other system updates should be
3. External data reconciliation. Database totals should
periodically be reconciled with data maintained
outside the system. For example, the number of
employee records in the payroll file can be compared
with the total from human resources to detect
Page 6 of 15
Data Transmission Controls
Parity checking and message acknowledgement techniques are two
basic types of data transmission controls.
Parity Checking
Computers represent characters as a set of binary digits (bits).
When data are transmitted, some bits may be lost or received
incorrectly due to media disruptions or failures. To detect these
Message Acknowledgment Techniques
Techniques can be used to let the sender of an electronic message
know that a message was received:
1. Echo Check. When data are transmitted, the system
calculates a summary statistic such as the number of bits
2. Trailer Record. The sending unit stores control totals in a
3. Numbered Batches. If a large message is transmitted in
segments, each can be numbered sequentially so that the
receiving unit can properly assemble the segments.
Example: Credit Sales Processing
The following is an example of processing integrity
controls using a credit sale as an example.
Processing these transactions includes the following steps:
2. Updating the customer and inventory records (the
3. Preparing and distributing shipping or billing
documents
Batch processing Integrity Controls
Processing credit sales transactions in a batch processing
mode includes the following steps:
1. Prepare batch totals. These totals are recorded on
2. Deliver the transactions to the computer operations
department for processing.
3. Enter the transaction data into the system. Data
4. Sort and edit the transaction file. Either before or
5. Update the master files. The sales transaction file
7. User review. Users in the shipping and billing
departments perform a limited review of the documents
for incomplete data or other obvious deficiencies.
Figure 10-1 on page 275 illustrates these seven steps and
identifies the application controls that should be utilized
at each stage.
Online Processing Integrity Controls
Online Data Entry Controls
1. When a user accesses the online system, logical
2. A compatibility test is performed on all user
Page 8 of 15
3. The system automatically assigns the transaction the
next sequential sales order number and the current
date as the date of the invoice.
4. To assist authorized personnel in entering sales
5. Each response is tested using one or more of the
following controls: validity checks (valid customer
6. When the customer number is entered, the system
7. When the inventory item number is entered, the system
and the operator go through the same procedures as
they do with the customer number.
Online Processing Controls
Updating files includes the customer and inventory
database records.
These tests often include the following:
1. Validity checks on the customer and
inventory item numbers
3. Limit check that compare each customer’s
total amount due with the credit limit
Online Output Controls
Output controls that can be utilized are as follows:
Page 9 of 15
1. Billing and shipping documents are forwarded
electronically to only preauthorized users.
Focus 10-1 on page 283 discusses some of the issues involving the
use of electronic voting machines.
Electronic voting may eliminate some of the types of
problems that occurred in Florida in the November 2000
election.
Some security experts suggest that election officials adopt
the methods used by the state of Nevada to ensure that
electronic gambling machines operate honestly and
accurately, which include the following:
1. The Gaming Control Board keeps copies of all
software. It is illegal for casinos to use any
2. Frequent on-site spot checks of the computer chips in
3. Extensive tests are conducted of the machine’s
4. All gambling machine manufacturers are carefully
scrutinized and are registered. Similar checks should
be performed on voting machine manufacturers, and
software developers.
Page 10 of 15
Multiple Choice 1
The COBIT control objective that addresses the threat of invalid input
is
a. DS 11.1
Multiple Choice 2
If an online file is damaged, the __________ can be used for
reconstruction purposes.
a. transaction log
Multiple Choice 3
__________ protects records from errors that occur when two or more
users attempt to update the same record simultaneously.
a. Cross-footing balance test
b. Online processing controls
Availability
Reliable systems and information are available for use whenever
needed.
Threats to system availability originate from many sources,
including:
1. Hardware and software failures
3. Human error
5. Denial-of-service attacks and other acts of sabotage
Table 8-3 on page 309 summarizes the key controls related to
ensure system availability which minimize system downtime and
provide timely recovery.
Page 11 of 15
Minimizing Risk of System Downtime
The loss of system availability can cause significant
financial losses.
The shutdown of eBay and several other major Web sites in
early 2000 are estimated to have cost millions of dollars
in lost sales.
The following is a Wikipedia Encyclopedia chart updating
the number of attacks from October 2004 to June 2005:
downtime due to the theft or sabotage of information
system resources.
The use of redundant components, such as dual
processors and arrays of multiple hard drives,
provides fault tolerance, enabling a system to
continue functioning in the event that a particular
component fails.
COBIT DS12 Manage the Physical Environment control
objectives DS12.1 (Site Selection and Layout) and DS12.4
(Protection against Environmental Factors) addresses the
Disaster Recovery and Business Continuity Planning
Disaster recovery and business continuity plans are
essential if an organization hopes to survive a major
catastrophe.
Downtime has reported losses as high as $500,000 per
hour of downtime.
Focus 10-2 on page 288 describes how NASDAQ recovered from
September 11.
Because of their recovery plan, NASDAQ was up and running
only 6 days after the 9/11/01 terrorist attack.
Page 13 of 15
Data Backup Procedures
A backup is an exact copy of the most current version of a
database, file, or software program.
Several different backup procedures exist:
A full backup is an exact copy of the data recorded
on another physical media (tape, magnetic disk, CD,
Two types of partial backups are:
1. An incremental backup involves copying only
the data items that have changed since the
last backup.
2. Differential backup copies all changes made
since the last full backup.
Management must establish a recovery point objective (RPO),
which represents the maximum length of time for which it is
willing to risk the possible loss of transaction data.
Infrastructure Replacement
A second key component of disaster recovery includes
provisions for replacing the necessary computer
infrastructure: computers, network equipment and access,
Page 14 of 15
Figure 10-3 on page 285 depicts the relationship and
differences between the recovery time objective (RTO) and
the recovery point objective (RPO).
Organizations have three basic options for replacing
computer and networking equipment:
1. The least expensive approach is to create
reciprocal agreements with another organization
2. Another solution involves purchasing or leasing a
cold site, which is an empty building that is
3. A more expensive solution for organizations, such
as financial institutions and airlines, which
cannot survive any appreciable time period without
access to their information system, is to create
Documentation
Documentation is an important, but often overlooked,
component of disaster recovery and business
continuity plans.
Testing
Periodic testing and revision is probably the most
important component of effective disaster recovery
and business continuity plans.
Multiple Choice 4
The following COBIT control objective addresses the importance of
locating and designing the rooms housing mission-critical servers and
databases.
a. DS B.5.0
Multiple Choice 5
Full backups are time-consuming, so most organizations only do full
backups _______ and supplement them with _______ partial backups.
a. monthly; weekly
b. quarterly; monthly
c. annually; quarterly
d. weekly; daily