In: Accounting
Identify which IT Application Controls would best mitigate the threats outlined. Expand upon your answer to analyze the relationship among risk/opportunity/control. Also consider how these scenarios could be detected by an audit internal or external.
Which types of input controls would mitigate the following threats?
A. Posting to customer account that does not exist-
Preventive control prohibiting creation of customer account without approval based on the ALM.
Detective control- sending customer confirmation at period end to confirm transactions and closing balance
Preventive control- Requiring approved customer agreement at the time of entering the sales and requiring approver's name from Company to be selected so that a mail gets triggered to the approver intimating about the transaction. Approver to either confirm or refute the transaction.
B. A Customer entering too many characters
Preventive control- Allow only numeric inputs in Pin Code
C. Intern's pay rate-
Preventive control- Requiring to select one of the 3/4 standard pay rate
Detective- Performing Month to Month Analytics
Detective- Completeness check by multiplying standard rate with the number of intern's
D. Approving a customer order without the customer’s address so the order was not shipped on time
Preventive- Order cannot be placed without completing mandatory fields and address is one of them
Prevenitve- Mandatory requirement to input Pin Code
E. Entering the contract number of a critical contract as 13688 instead of 16388, which is a serious mistake for the company
Preventive- Maker - Checker seperation so that every input is reviewed and approved before transaction gets accounted