Types of Controls and Scope
General controls – The organization’s entire processing environment
Application controls – Particular to each of the organization’s applications
Three Categories of Application Controls are:
Input controls
Processing controls
Output controls
Three types of controls classified by function are:
Preventive controls
Detective controls
Corrective controls
Input controls provide reasonable assurance that data submitted for processing are
Authorized
Complete
Accurate
Examples of Input Controls are:
Preformatting Entry in an online tax return
Edit (field) checks – Rejecting the input of letters for SSNs
Limit (reasonableness) checks – Rejecting working hours of over 100 per week
Check digits – Using algorithms to verify ID numbers
Record count – Matching the number of time clock cards with the number of payroll records processed
Financial total – Matching the sum of individual salaries with total salaries
Hash total – Matching the sum of individual SSNs with a predetermined total
Processing controls provide reasonable assurance about:
Processing controls provide reasonable assurance that
All data submitted for processing are processed
Only approved data are processed
Examples of processing controls.
Control Description /Example
Validation Rejecting transactions by vendors whose vendor numbers are not in the vendor master file
Completeness check – Rejecting records with missing data
Arithmetic controls – Zero-balance checking
Output controls provide assurance that processing was complete and accurate.
Control Description/Example
Audit trail Checking for the completeness of each process
Error listing Reporting all transactions rejected by the system
If you have found this blog to be useful, you may share with your friends. Thanks!