This document provides a summary of the controls within a computer environment. It goes into detail around general IT controls and application controls.
Week 4 Planning Controls in a Computer Environment
Controls – Definition per ISA 315: Policies or procedures that an entity establishes to achieve the control objectives of management or those charged with governance. In this context:
(i) Policies = statements of what should, or should not, be done within the entity to effect control.
(ii) Procedures = actions to implement policies.
General IT Controls
Access Controls
General info:
Prevents unauthorised persons from gaining access and limits activities to certain areas.
Least privilege principle: a person is only given access to what they need in order to do their duties properly.
Preventative Controls:
Security policy: a document that contains all risks identified as well as the responsibility of each employee to act in a conscious manner.
Physical access:
1. Limit access to physical premises by:
a. having high electric fences
b. installing security gates and doors that may only be opened by means of a tag, PIN or biometric access
c. having a security guard
d. visitors must sign a register
e. doors should remain locked at all times
f. premises must be monitored by means of TV (cameras installed)
g. hardware and important documents must be locked away in a dedicated room
h. logs and registers of visitors or employees entering must be reviewed regularly
2. Limit access to computer terminals by having:
a. only 1 access point to enter and exit
b. a manager supervise activities on the computer
c. access to the computer limited to office hours
d. the computer and hardware secured to a table or desk by using cable or metal
e. logs and activity registers regularly reviewed
3. Access to sensitive information limited by:
a. storing devices away in a locked room/cupboard
b. employing a data librarian to keep track of sensitive files. She could use a register which can be signed
Logical Access controls
1. Identification
a. ID number or username
b. magnetic cards
c. biometric techniques
2. Authentication
a. ask specific questions that only the user would know (name of favourite high school teacher)
b. fingerprint or face scan
c. unique password that must meet the following criteria:
- not obvious or easy to guess
- remain confidential
- be at least the minimum length prescribed
- contain a variety of characters such as letters, numbers and symbols
- changed frequently
- not displayed on screen
- must be removed from the system if the employee/user resigns from the company
- if the password is entered unsuccessfully 3 times, the user should be blocked (full safe).
3. Authorisation
a. access to the system and data files must be limited to what the user needs to do their duties (least privilege principle).
b. access rights are set up once a new user is added.
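The three logical access steps above (identification, authentication, authorisation), together with the password criteria, the 3-attempt block and removal of a leaver, shown as an added Python example that is not part of the original notes. The class and function names, the 10-character minimum and the sample rights are assumptions.

```python
# Added illustration; names and MIN_LENGTH are assumptions, not from the notes.
import hashlib, hmac, os, string

MIN_LENGTH = 10    # assumed value for "the minimum length prescribed"
MAX_FAILURES = 3   # from the notes: blocked after 3 unsuccessful attempts

def meets_policy(password, username):
    """Minimum length, a variety of character types, and not the username."""
    kinds = [string.ascii_letters, string.digits, string.punctuation]
    varied = all(any(c in k for c in password) for k in kinds)
    obvious = username.lower() in password.lower()
    return len(password) >= MIN_LENGTH and varied and not obvious

class AccessControl:
    def __init__(self):
        self.users = {}  # username -> account record

    @staticmethod
    def _hash(password, salt):
        # Only a salted hash is stored, so the password stays confidential.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, username, password, rights):
        # Access rights are set when the user is added.
        if not meets_policy(password, username):
            raise ValueError("password does not meet policy")
        salt = os.urandom(16)
        self.users[username] = {"salt": salt, "hash": self._hash(password, salt),
                                "rights": set(rights), "failures": 0, "locked": False}

    def login(self, username, password):
        user = self.users.get(username)                    # 1. identification
        if user is None or user["locked"]:
            return False
        attempt = self._hash(password, user["salt"])       # 2. authentication
        ok = hmac.compare_digest(user["hash"], attempt)
        user["failures"] = 0 if ok else user["failures"] + 1
        user["locked"] = user["failures"] >= MAX_FAILURES  # block on 3rd failure
        return ok

    def authorised(self, username, action):
        user = self.users.get(username)                    # 3. authorisation
        return bool(user) and not user["locked"] and action in user["rights"]

    def remove_user(self, username):
        self.users.pop(username, None)                     # leaver: access removed
```

A blocked account stays blocked until an administrator resets it, which this example leaves out.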