PART 4-1B: OBJECTIVE 4: COMPUTER PROCESSING

Error and Fraud Types

Fail to detect erroneous input, improperly correct input errors, process erroneous input, improperly distribute or disclose output.

Control Procedures

Computer data editing routines, proper use of internal and external file labels, reconciliation of batch totals, effective error correction procedures.

Audit Process - Systems Review

Review administrative documentation, systems documentation, operating documentation, observe computer operations, discuss controls with personnel.

Audit Procedures - Test of Controls

Evaluate processing control standards, data editing controls, adherence to procedures, processing accuracy, search for unauthorized code.

Compensating Controls

Periodically reevaluate controls, use user and source data controls, eliminate control deficiencies.

Processing Test Data

Testing program with valid and invalid transactions, checking logic paths, preparing test data resources, comparing results with correct output.

Concurrent Audit Techniques

Use of embedded audit modules, integrated test facility, snapshot technique, system control audit review file, audit hooks, continuous and intermittent simulation.

Analysis of Program Logic

Detailed analysis of program logic, reference to flowcharts, documentation, source code, use of software packages for analysis.