to ensure the efficient & effective development / maintenance of it systems proper...
TRANSCRIPT
![Page 1: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/1.jpg)
![Page 2: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/2.jpg)
• TO ENSURETHE EFFICIENT & EFFECTIVE
DEVELOPMENT / MAINTENANCE OF IT SYSTEMS
PROPER IMPLEMENTATION OF IT SYSTEMS
PROTECTION OF DATA AND PROGRAMS
![Page 3: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/3.jpg)
COMPONENTS OF GENERAL IT CONTROLS
• ORGANISATION AND MANAGEMENT CONTROLS
• SEGREGATION OF DUTIES• PHYSICAL & LOGICAL ACCESS CONTROLS• SYSTEMS DEVELOPMENT CONTROLS• PROGRAM AMENDMENT CONTROLS• BUSINESS CONTINUITY PLANNING
CONTROLS
![Page 4: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/4.jpg)
ORGANISATION &
MANAGEMENT CONTROLS
![Page 5: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/5.jpg)
ORGANISATION & MANAGEMENT CONTROLS
• TO ENSURE– ECONOMIC USE OF IT SYSTEMS
– REFLECTION OF IT IN BUSINESS PLANS
– DELIVERY OF THE SYSTEM IN A CONTROL -CONSCIOUS STRUCTURE
– SYSTEM’S RESPONSE TO CHANGES
![Page 6: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/6.jpg)
IT STRATEGY • APPROPRIATE FORMULATION • DOCUMENTED FOR THE NEXT 3
YEARS– COVER IT SYSTEMS TO BE
DEVELOPED / ENHANCED• IN LINE WITH BUSINESS STRATEGY• CURRENT / APPROPRIATE• DULY APPROVED BY BOARD
![Page 7: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/7.jpg)
IT PLANNING AND MANAGEMENT
• GUIDED BY USER MANAGEMENT• INVOLVE USERS &MANAGEMENT
– THROUGH BOARD AGENDA / MINUTES, BUDGETS / FORECASTS
• THROUGH IT STEERING COMMITTEE• USER INVOLVEMENT IN IT PLANNING• GENERATION OF REPORTS AGAINST
STRATEGY
![Page 8: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/8.jpg)
IT SECURITY POLICY
• FORMALISED POLICY• APPROVED BY BOARD • OBJECTIVES WELL ESTABLISHED• SCOPE AND EXTENT LAID DOWN• ENABLE RESPONSIBILITY-FIXATION
FOR UPDATING / MONITORING.• DISTRIBUTTION TO STAFF.• ENSURE CONFIDENTIALITY / SECURITY
OF INFORMATION
![Page 9: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/9.jpg)
END-USER COMPUTING
• POLICY AND PROCEDURES FOR– END-USER COMPUTING
– SOFTWARE COPYRIGHTS
– USING STANDARD SOFTWARE
– ANTI-VIRUS PROCEDURES
• DISTRIBUTION TO THE STAFF.
![Page 10: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/10.jpg)
INTERNAL AUDIT
• INVOLVEMENT IN– IT DEVELOPMENT
– IT OPERATIONS.
• INVOLVEMENT VERIFIED FROM
– THE TERMS OF REFERENCE
– EXPERTISE IN IT
![Page 11: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/11.jpg)
CONTROL CONSCIOUSNESS
• DEPENDS ON – MANAGEMENT ATTITUDE
– ORGANISATION STRUCTURE.
• ASSESSED THROUGH – IT RISK ASSESSMENT
– TREATMENT OF RISKS
![Page 12: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/12.jpg)
• DOCUMENT RETENTION – MANAGEMENT POLICY– PROCEDURES TO FORECAST
NEEDS • PERSONNEL
– RECRUITMENT / HIRING POLICY– TRAINING TO THE USERS– EXPERIENCE OF STAFF– ASSESSMENT OF PERFORMANCE – DEPENDENCE ON KEY PERSONNEL
![Page 13: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/13.jpg)
OUTSOURCING• POLICY & DOCUMENTATION
• COVERED BY CONTRACTS
• SECURITY & CONFIDENTIALITY – DATA & PROGRAMS
• PERIODICAL REVIEW OF COSTS
• DEPENDENCE &REPORTING TO BOARD
• CONTROLS ON OUTSOURCED DATA
![Page 14: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/14.jpg)
INVESTMENT
• PROPERLY LAID DOWN PROCEDURES FOR VALUATION OF ASSETS - HARDWARE AND SOFTWARE.
• CLEAR POLICY FOR TO CAPITALISE /CHARGE OFF SUCH COSTS.
![Page 15: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/15.jpg)
• PERIODICAL REVIEW BY THE MANAGEMENT, OF THE EXPECTED CHANGES / EXPENDITURE.
• MANAGEMENT REVIEW OF THE IMPACT OF NEW TECHNOLOGY.
![Page 16: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/16.jpg)
INSURANCE
• INSURANCE OF IT ASSETS .
• INSURANCE POLICY FOR LOSS OF PROFITS / INCREASED COST OF WORKING.
• PRIOR ASSESSMENT OF COST OF RECOVERY
![Page 17: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/17.jpg)
SEGREGATION OF DUTIES
![Page 18: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/18.jpg)
OBJECTIVES
TO HAVE REASONABLE SEGREGATION OF DUTIES
• WITHIN IT DEPARTMENT
• BETWEEN IT AND USER DEPARTMENTS
• TO PREVENT / DETECT ERRORS OR IRREGULARITIES.
![Page 19: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/19.jpg)
ORGANISATION STRUCTURE
• APPROPRIATE ORGANISATION STRUCTURE.
• FORMAL RECOGNITION.
• APPROPRIATE REPORTING .
• SIZE / STYLE OF OPERATIONS SHOULD MATCH NEEDS.
![Page 20: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/20.jpg)
SEGREGATION OF DUTIES - IT
• FOR IT STAFF.
• FOR PROGRAMMERS.
• FOR OPERATORS.
• FOR NETWORK ADMINISTRATORS.
• FOR SECURITY.
![Page 21: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/21.jpg)
SEGREGATION OF IT & USERS
• THROUGH LIMITATION OF RESPONSIBILITIES.
• THROUGH POWERFUL IDs.
• FIXATION OF RESPONSIBILITY TO INITIATE OR AUTHORISE TRANSACTIONS.
![Page 22: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/22.jpg)
• REGULATE AMENDMENTS TO MASTER FILES / OTHER DATA.
• ENABLE CORRECTION OF INPUT ERRORS.
![Page 23: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/23.jpg)
LOGICAL ACCESS CONTROLS
![Page 24: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/24.jpg)
OBJECTIVES
• PREVENTION OF UNAUTHORISED ACCESS TO SENSITIVE DATA OR PROGRAMS.
• PROTECTION OFDATA /SYSTEM CONFIDENTIALITY, INTEGRITY AND RELIABILITY OF DATA /
![Page 25: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/25.jpg)
IDENTIFICATION OF SENSITIVE DATA / APPLICATIONS
• PROCEDURES LAID DOWN TO IDENTIFY SENSITIVE DATA / APPLICATIONS.
• THROUGH SECURITY POLICY.
• THROUGH RISK ASSESSMENT PROCESS.
![Page 26: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/26.jpg)
DESIGN OF USER ACCESS RESTRICTIONS
• THROUGH UNIQUE USER IDS / PASSWORDS.
• THROUGH MENU FACILITIES.
• MANAGEMENT APPROVAL FOR THE MENU OPTIONS.
![Page 27: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/27.jpg)
EFFECTIVENESS OF USER ACCESS RESTRICTIONS
• THROUGH REGULAR CHANGE OF PASSWORDS.
• THROUGH PROTECTION OF PASSWORD .
• THROUGH REPORTS ON SECURITY BREACHES.
![Page 28: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/28.jpg)
IT ACCESS
• PREVENTION OF SYSTEMS DEVELOPMENT STAFF FROM DATA/PROGRAM ACCESS IN PRODUCTION ENVIRONMENT.
• PROPER PROCEDURES TO EFFECT EMERGENCY CHANGES
![Page 29: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/29.jpg)
CONTROL OVER POWERFUL IDs/ UTILITIES
• ADEQUATE CONTROL OF THE ALLOCATION/AUTHORISATION AND USE OF POWERFUL USER IDS/ PASSWORDS.
• REGULAR REPORT ON BREACHES..
![Page 30: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/30.jpg)
PHYSICAL ACCESS CONTROLS
![Page 31: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/31.jpg)
OBJECTIVES
• MINIMISATION OF POTENTIAL RISK OF ACCIDENT OR MALICIOUS DAMAGE TO IT ASSETS
• PREVENTION OF THEFT OF IT ASSETS.
![Page 32: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/32.jpg)
PHYSICAL SECURITY
• ADEQUATE PHYSICAL SECURITY TO COVER THE IT ASSETS.
• PROPER DOCUMENTATION..
![Page 33: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/33.jpg)
SYSTEMS DEVELOPMENT,
MAINTENANCE AND CHANGE CONTROLS
![Page 34: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/34.jpg)
OBJECTIVES
• USERS’ SATISFACTION THROUGH AVAILABILITY& PERFORMANCE OF SYSTEMS .
• SYSTEM RELIABILITY, CONTROLLABILITY COST EFFECTIVENESS.
• DATA INTEGRITY CONTROLS
![Page 35: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/35.jpg)
IN-HOUSE DEVELOPMENT
• PROPER METHODOLOGY FOR IN-HOUSE DEVELOPMENT, WITH INBUILT CONTROLS.
• PROPER PROGRAMMING STANDARDS LAID DOWN.
![Page 36: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/36.jpg)
PACKAGE SUPPORT
• ADEQUATE VENDOR SUPPORT
• MAINTENANCE THROUGH CONTRACTS / AGREEMENTS.
• TESTING OF CHANGES AND UPGRADES BEFORE INSTALLATION.
• SOURCE CODE PROVIDED.
![Page 37: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/37.jpg)
THIRD PARTY DEVELOPMENT / MAINTENANCE
• ASSURANCE ON QUALITY AND COSTS/BENEFITS OBTAINED.
• GOOD REPUTATION OF VENDOR WITH KNOWLEDGE OF COST MANAGEMENT.
• EXISTENCE OF STANDARDS TO CHECK WITH ACTUALS.
![Page 38: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/38.jpg)
PROJECT REVIEW BY MANAGEMENT
• REVIEW BY MANAGEMENT ON THE COST & PROGRESS OF NEW DEVELOPMENTS.
• PROPER REPORTING LINES.
• THROUGH BUDGETS .• EFFECTIVE COST
ACCOUNTING AND CONTROLS.
![Page 39: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/39.jpg)
USER INVOLVEMENT IN DEVELOPMENT
• USER INVOLVEMENT.
• USERS’ SIGN OFF OF SPECS.
• USER TESTING FOR ACCEPTANCE.
• PROPER TRAINING OF USERS.
• PROVISION OF USER MANUALS.
![Page 40: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/40.jpg)
BUSINESS CONTINUITY
PLANNING CONTROLS
![Page 41: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/41.jpg)
OBJECTIVES
• MINIMISATION OF CHANCES OF MAJOR FAILURES
• TO ENSURE EARLY RESUMPTION OF BUSINESS , IN CASE OF NON-RELIABILITY OF THE SYSTEMS OR FACILITIES.
![Page 42: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/42.jpg)
RISK ASSESSMENT - BUSINESS DISRUPTION
• PRIOR IDENTIFICATION OF THE CRITICAL SYSTEMS .
• DETERMINATION OF THE PERIOD FOR CONTINUANCE OF BUSINESS OPERATIONS WITHOUT THE CRITICAL IT SYSTEMS.
![Page 43: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/43.jpg)
BUSINESS CONTINUITY
• PLANS FOR BUSINESS CONTINUITY LAID DOWN.
• REGULAR REVIEW/ UPDATING OF PLANS.
• USER PROCEDURES.
• BOARD APPROVAL FOR THE PLANS.
![Page 44: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/44.jpg)
BACK-UP FREQUENCY
• PERIODIC DATA BACK-UP.
• MORE BACK-UP FREQUENCY.
• DEPEND ON CRITICALITY OF PROCEDURES / CHANGES.
![Page 45: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/45.jpg)
BACK-UP COMPOSITION
• DATA FILES, PROGRAMS AND SYSTEM SOFTWARE .
• DOCUMENTATION SUCH AS USER MANUALS, SYSTEMS MANUAL ETC., SHOULD ALSO BE BACKED UP.
![Page 46: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/46.jpg)
BACK-UP SECURITY / LOCATION
• SECURED BACK-UP IN AN OFF-SITE LOCATION.
• MAINTENANCE OF PROMPT AND PROPER RECORD OF MEDIA MOVEMENT .
• PROPER AUTHORISATION OF MEDIA MOVEMENTS.
![Page 47: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/47.jpg)
TESTING
• REGULAR TESTING OF BACK-UP AND RECOVERY .
• DETERMINATION OF RECOVERY TIME
• TESTING AFTER CHANGES TO SYSTEMS / PROGRAMS.
• LOG OF TESTS CONDUCTED.
![Page 48: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/48.jpg)
APPLICATION CONTROLS
![Page 49: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/49.jpg)
APPLICATIONS• PROGRAMS TO HANDLE
ORGANISATIONAL FUNCTIONS LIKE –– PRODUCTION– FINANCE/COST ACCOUNTS– MATERIALS MANAGEMENT– PAYROLL– LIBRARY MANAGEMENT– SHARE TRADING– CUSTOMER SERVICE IN BANKS
![Page 50: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/50.jpg)
CONTROL OBJECTIVES
FOR INPUT• TO ENSURE
– EXISTENCE OF PROPER AUTHORITY
– UNIQUENESS
– ACCURACY
– COMPLETENESS
![Page 51: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/51.jpg)
OBJECTIVES
FOR DATA PROCESSING
• TO ENSURE– COMPLETENESS– ACCURACY– UNIQUENESS– VALIDITY – ACCEPTABILITY
![Page 52: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/52.jpg)
OBJECTIVESFOR OUTPUT
• TO ENSURE
–COMPLETENESS–ACCURACY – CONTROL OVER THE
PLANNED DISTRIBUTION OF OUTPUT
![Page 53: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/53.jpg)
![Page 54: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/54.jpg)
OBJECTIVES
• TO ENSURE
– ACCEPTANCE OF EVERY INPUT INTO THE SYSTEM, ONLY ONCE
– ACCURATE RECORDING OF INPUT
![Page 55: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/55.jpg)
• AGREEMENT OF TRANSACTION TOTALS, IN BATCH INPUTS WITH A MANUAL TOTAL
• MANUAL TOTALS ARE PRE-RECORDED IN BATCH HEADER DOCUMENTS
• TOTALS BE ENTERED WELL AHEAD OF COMMENCEMENT OF PROCESSING
![Page 56: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/56.jpg)
• USER- DEVISED MECHANISM TO CONTROL PROCESSING ALL BATCHES.
• LOGGING & REVIEW OF THE CONTROL MECHANISM ON BATCH PROCESSING.
![Page 57: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/57.jpg)
• DEVISING INBUILT VALIDITY CHECKS TO CHECK THE ACCURACY OF INPUT.
• EXAMPLE– A CHECK ON THE CUSTOMER
CODE AND ITS FORMAT AND A CHECK THAT THE CODE IS VALID).
![Page 58: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/58.jpg)
• REJECTION, BY THE SYSTEM, OF INPUTS THAT FAIL VALIDITY TESTS
• GENERATION OF EXCEPTION REPORTS
• KEEPING ALL INVALID TRANSACTIONS, IN SUSPENSE ACCOUNTS, FOR ACTION BY USERS.
![Page 59: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/59.jpg)
• IN CASE OF CRITICAL AND SMALL VOLUME INPUT, RESORTING TO ‘ONE-TO-ONE INPUT CHECKING’ COULD BE EFFECTIVE
![Page 60: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/60.jpg)
![Page 61: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/61.jpg)
OBJECTIVES
• TO ENSURE COMPLETE & PROPER PROCESSING OF DATA.
• TO CHECK AGAINST DUPLICATE PROCESSING.
• TO ENSURE APPLICATION OF ALL APPROPRIATE PROCESSES ON THE CORRECT DATA.
![Page 62: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/62.jpg)
RUN-TO-RUN TOTALS
• PRIOR IDENTIFICATION OF RUN-TOTALS
• AGREEMENT OF RUN-TOTALS WITH THE TOTALS OF THE SYSTEM, AFTER DATA PROCESSING.
![Page 63: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/63.jpg)
• WHEN TWO TOTALS CAN BE RELATED, CONTROLLING FROM THAT POINT FORWARD, BY MEANS OF THE SECOND TOTAL.
![Page 64: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/64.jpg)
• EXAMPLE– USING PIVOT TOTAL IN
TIME RECORDING / PAYROLL SYSTEM
–REGULATING GROSS PAY WITH REGARD TO HOURS WORKED
–ITS ADOPTION FOR FURTHER PROCESSING.
![Page 65: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/65.jpg)
INDEPENDENT CONTROL ACCOUNT
• TO PREDICT PROCESSING RESULTS
• TO HIGHLIGHT AN UNEXPECTED RESULT
• HERE, CONTROL ACCOUNT POSTED FROM AN INDEPENDENT SOURCE IS USED
![Page 66: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/66.jpg)
• HELPS IN FLAGGING ERRORS CAUSED BY EXTRANEOUS FACTORS, LIKE ----– USE OF AN INCORRECT
LEDGER/ FILE DURING DATA PROCESSING
![Page 67: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/67.jpg)
![Page 68: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/68.jpg)
OBJECTIVES
• TO ENSURE•INPUT-OUTPUT CONSISTENCY
• COST-EFFECTIVE DISTRIBUTION OF OUTPUT
![Page 69: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/69.jpg)
COMPLETENESS OF PRINCIPAL REPORTS
• PRIOR ESTABLISHMENT OF TOTALS OF THE DESIRED OUTPUT
• PRINTING OF TOTALS ON PRINTING OF THE OUTPUT
![Page 70: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/70.jpg)
• COMPARISON OF THESE TOTALS WITH INDEPENDENT CONTROL ACCOUNT TOTALS.
• COMPARISON OF THESE TOTALS WITH PRE-COMPUTED TOTALS AS PER UPDATE REPORTS.
![Page 71: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/71.jpg)
COMPLETENESS OF SELECTIVE REPORTS
• NOT POSSIBLE TO AGREE WITH PRINCIPAL REPORTS DUE TO ITS NATURE.
![Page 72: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/72.jpg)
• THE TOTALS CAN BE PRINTED ON THESE REPORTS TO CONFIRM ADDRESSING ALL DATA RECORDS WHILE MAKING THE SELECTION.
![Page 73: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/73.jpg)
![Page 74: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/74.jpg)
• CAN BE INSTALLED
• DIFFICULT TO IMPLEMENT MANY CONTROL PROCEDURES REQUIRED FOR MANAGEMENT AUDITORS
– (UNLIKE IN BATCH PROCESSING)
![Page 75: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/75.jpg)
POSSIBLE CONTROL MEASURES
• ONLY IN-BUILT PREVENTIVE CONTROLS LIKE PASSWORD PROTECTION
• CONVERSATIONAL EDITING
• LOG FILES TO MINIMISE THE RISKS TO SYSTEMS
![Page 76: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/76.jpg)
• ONE-TO-ONE CHECKING• EXCEPTION REPORTING• REPORT ON SUSPENSE
ACCOUNT • POSTING & RECONCILIATION
OF DATA TO AN INDEPENDENT REAL CONTROL ACCOUNT.
![Page 77: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/77.jpg)
![Page 78: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/78.jpg)
• CONTROL PROBLEMS AS IN REAL TIME SYSTEMS.
• MORE RELIANCE ON THE GENERAL IT CONTROLS.
• COMPLETENESS OF REPORTS HINGES ON ACCURACY OF THE DATA MORE THAN PROGRAMS.
![Page 79: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/79.jpg)
POSSIBLE CONTROL MEASURES
• ALL REPORTS TREATED AS EXCEPTION REPORTS
• COMPLETENESS OF REPORTS SHOULD BE PROVED .
• INTEGRITY CHECKING BY ADMINISTRATORS TO CHECK & CONTROL ERRORS.
![Page 80: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/80.jpg)
![Page 81: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/81.jpg)
• IDENTIFY MAIN INPUTS.• TEST-CHECK THE
PROCEDURES FOR INPUT-AUTHORISATION
• VERIFY THE ADEQUACY OF CHECKS FOR DATA VALIDATION
![Page 82: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/82.jpg)
• VERIFY THE ADEQUACY OF PROCEDURES TO ENSURE COMPLETENESS OF DATA
• VERIFY THE PROCEDURES TO HANDLE INCORRECT DATA.
![Page 83: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/83.jpg)
• CHECK THE CONTROLS, AT EACH STAGE OF PROCESSING FOR – DATA VALIDATION – DATA COMPLETENESS– DATA ACCURACY
• CHECK ERROR- HANDLING PROCEDURES AT EACH STAGE OF PROCESSING.
![Page 84: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/84.jpg)
• CHECK THE CONTROLS FOR ACCURACY AND ADEQUACY OF INPUTS (BY RECONCILING OUTPUT
WITH INPUTS)• CHECK THE CONTROLS TO
PROTECT OUTPUT BEFORE DISTRIBUTION
![Page 85: TO ENSURE THE EFFICIENT & EFFECTIVE DEVELOPMENT / MAINTENANCE OF IT SYSTEMS PROPER IMPLEMENTATION OF IT SYSTEMS PROTECTION OF DATA AND PROGRAMS](https://reader036.vdocuments.net/reader036/viewer/2022062516/56649e215503460f94b0cbe3/html5/thumbnails/85.jpg)
• CHECK THE CONTROLS OVER THE ISSUE OF FINANCIAL STATIONERY.
• CHECK THE EFFECTIVENESS OF
– ACCESS RESTRICTION
– SECURITY OVER SENSITIVE INFORMATION
– PASSWORD MANAGEMENT