Question

In: Accounting

Adequate controls have to be implemented if an organization wants to reduce errors and fraud when...

Adequate controls have to be implemented if an organization wants to reduce errors and fraud when using computer technology. It is in the design stage of an information system that the appropriate controls are planned to ensure reliability of data. A good design can prevent both intentional and unintentional alteration and destruction of data. The data controls can be classified as input controls, process controls, and output controls. For each of these control categories, provide two specific controls, and state their contribution to data reliability.

Solutions

Expert Solution

1) Input Controls – These controls are used mainly to check the integrity of data entered into a business application, whether the data is entered directly by staff, remotely by a business partner, or through a Web-enabled application or interface. Data input is checked to ensure that is remains within specified parameters.

  • Data checks and validation Control :
    • • Reasonableness and limit checks on financial values.
    • Format and required field checks; standardized input screens.
    • Sequence checks (e.g., missing items), range checks, and check digits.
    • Cross checks (e.g., certain policies are only valid with certain premium table codes).
    • Validations (e.g., stored table and drop-down menu of valid items).
  • Automated segregation of duties and access rights Controls
    • ​​​​​​​Individuals who set up approved vendors cannot initiate purchasing transactions.
    • Individuals who have access to claims processing should not be able to set up or amend a policy

Processing Controls – These controls provide an automated means to ensure processing is complete, accurate, and authorized.

  • Audit trails and overrides Controls
    • ​​​​​​​Automated tracking of changes made to data, associating the change with a specific user.
    • Automated tracking and highlighting of overrides to normal processes.
  • Interface balancing Controls
    • ​​​​​​​Automated checking of data received from feeder systems (e.g., payroll, claims data, etc.) into data warehouses or ledger systems.
    • Automated checking that balances on both systems match, or if not, an exception report is generated and used.

Output Controls – These controls address what is done with the data and should compare output results with the intended result by checking the output against the input.

  • General ledger posting Control
    • ​​​​​​​All individual and summarized transactions are posted to general ledger
  • Subledger posting Control
    • ​​​​​​​All successful transactions are posted to subledger

Related Solutions

1. List some controls that reduce fraud risks. 2. Explain how you can detect fraud
  1. List some controls that reduce fraud risks. 2. Explain how you can detect fraud.
Discusses how an organization should incorporate the learning's of the fraud triangle to reduce the risk...
Discusses how an organization should incorporate the learning's of the fraud triangle to reduce the risk of fraud/misconduct within their organization. Your recommendations should include programs and controls designed to impact all three elements of the triangle (pressure, opportunity, rationalization). Please make sure to include the role leaders play in reducing fraud risk.
Describe when some cybersecurity framework controls cannot be implemented (such as on a personal laptop, IoT,...
Describe when some cybersecurity framework controls cannot be implemented (such as on a personal laptop, IoT, and other mobile devices).
The following are errors or fraud and other irregularities that have occurred in Fresh Foods Grocery...
The following are errors or fraud and other irregularities that have occurred in Fresh Foods Grocery Store Ltd., a wholesale and retail grocery company. The incorrect price was used on sales invoices for billing shipments to customers because the incorrect price was entered into a computer file. A vendor’s invoice was paid twice for the same shipment. The second payment arose because the vendor sent a duplicate copy of the original two weeks after the payment was due. Employees in...
In regards to cash and inventory, what are some "compensating controls" that could have been implemented...
In regards to cash and inventory, what are some "compensating controls" that could have been implemented for this small business (review Ch. 4 for ideas)?
For your organization/business, take the NIST Cybersecurity Framework controls and reduce them to system configuration requirements...
For your organization/business, take the NIST Cybersecurity Framework controls and reduce them to system configuration requirements and system test cases with pass/fail criteria. Refer to the "Framework for Improving Critical Infrastructure Cybersecurity," located within the Course Materials. Then, include the following in a report:(Hint..The professor wants us to use table 2 of the cybersecurity framework(CSF) to answer this question.I know the question has to do how some of the controls of the protect function of CSF cannot work for mobile...
What types of intrusion detection have been implemented in your organization?
#1) What types of intrusion detection have been implemented in your organization? If you do not work for an organization, research different intrusion detections and describe how it works.#2) A company has suffered a data breach. Investigators are able to establish exactly when the data breach occurred, but on checking the IDS logs, no evidence of the breach is present. What type of intrusion detection error condition is this?
Explain what is to be done when cybersecurity framework controls (NIST SP 800-53) cannot be implemented.
Explain what is to be done when cybersecurity framework controls (NIST SP 800-53) cannot be implemented.
Risks should be monitored after risks have been identified and mitigations have been implemented to reduce...
Risks should be monitored after risks have been identified and mitigations have been implemented to reduce the likelihood of exploit. Identify and explain risk monitoring methods that should be used to ensure the identified risks and risk mitigation's remain at an acceptable level.
Identify three conditions that would need to be implemented (or have already been implemented) in your organization to create a culture of innovation and change.
Identify three conditions that would need to be implemented (or have already been implemented) in your organization to create a culture of innovation and change.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT