Explore BrainMass

IT Controls: Suggest a control weakness and test method

This content was STOLEN from BrainMass.com - View the original, and get the already-completed solution here!

Controls for IT and Reporting & Evaluation

? Imagine you are a controller for a company.
? Identify the internal control reporting options.
? Create criteria against which the options can be evaluated.
? Include internal controls for IT.

Come up with a 5 things wrong with the IT function of a company which would be defined as a control weakness. Come up with a proposed control and then how and when it will be tested.

Here's an example:

Control weakness. Employees have the ability to enter prices that are different from those on the company price list

Proposed control. Employees are restricted by policy from affecting transactions or making changes to the prices when they are entered into the register. However, the system does not prevent the employees from doing this. We must remove these abilities from all of the employees and provide an override whereby managers can approve an amount different from the list price

Proposed test method. On at least a quarterly basis, internal audit will go to each register and attempt to enter prices different from the list price for a selection of items using different employee names. A list of management over-rides will be produced once a month and signed off on by the store manager and the district supervisor. Deviations of greater than 20 percent will be flagged for detailed explanation

© BrainMass Inc. brainmass.com October 17, 2018, 12:08 am ad1c9bdddf

Solution Preview

This is an original work and has not been previously published or shared with any other source. This work is to be treated as a guideline to assist you with this assignment. At no time is it intended to be a final submission work and I discourage you from using it as such. Points made and topics discussed in this work should be researched further and validated by the student prior to utilizing it in their own work which will be complied for final submission to their schools.
1a. Control Weakness: The time and attendance system is activated by employees logging into the system with their username and password. Employees frequently log into the system as each other and create fraudulent clock-in times for each other.

1b. Proposed Control: Company policy states that employees can only clock-in as themselves. They may not represent another employee in performing this activity. Controls need to be in place that utilize a unique identifier for each individual employee such as a thermal fingerprint scanner. Management must have administrative rights over all accounts for the purpose of set-up, edits and deletions of personnel time records.

1c. Proposed Test Method: These systems will be audited on a monthly basis to ensure that the unique identifier is accurate across all employees base files and that proper machine quality control measures are performed at the manufacturer recommended intervals. ...

Solution Summary

Controls for IT and Reporting & Evaluation

? Imagine you are a controller for a company.
? Identify the internal control reporting options.
? Create criteria against which the options can be evaluated.
? Include internal controls for IT.

Similar Posting

Statistics Questions - quasi-experiments

A. Complete Jackson Even-numbered chapter exercises, p, 360

1Describe the advantages and disadvantages of quasi-experiments? What is the fundamental weakness of a quasi-experimental design? Why is it a weakness? Does its weakness always matter?
2If you randomly assign participants to groups, can you assume the groups are equivalent at the beginning of the study? At the end? Why or why not? If you cannot assume equivalence at either end, what can you do? Please explain.
3Explain and give examples of how the particular outcomes of a study can suggest if a particular threat is likely to have been present.
4Describe each of the following types of designs, explain its logic, and why the design does or does not address the selection threats discussed in Chapter 7 of Trochim and Donnelly (2006):
Non-equivalent control group pretest only
Non-equivalent control group pretest/posttest
5Why are quasi-experimental designs used more often than experimental designs?
6One conclusion you might reach (hint) after completing the readings for this assignment is that there are no bad designs, only bad design choices (and implementations). State a research question for which a single-group post-test only design can yield relatively unambiguous findings.

Part II - Answer the following questions:
1What research question(s) does the study address?
2What is Goldberg's rationale for the study? Was the study designed to contribute to theory? Do the results of the study contribute to theory? For both questions: If so, how? If not, why not?
3What constructs does the study address? How are they operationalized?
4What are the independent and dependent variables in the study?
5Name the type of design the researchers used.
6What internal and external validity threats did the researchers address in their design? How did they address them? Are there threats they did not address? If so how does the failure to address the threats affect the researchers' interpretations of their findings? Are Goldberg's conclusions convincing? Why or why not?
Support your paper with a minimum of 5 resources

View Full Posting Details