案例讨论

willyintown

感谢降龙十八掌的无私给大家奉献个人资料。以下是一个案例，请CISA的考友结合Manual 中的第一，第六和第七章的有关知识发表文章。\r\n\r\nAt a meeting of the corporate audit committee attended by the general manager of the products division and you, representing the internal audit department, the following dialogue took place:\r\n\r\nSmith (general manager): I don’t know much about the technicalities of computers, but the division has some of the best computer people in the company.\r\n\r\nJones: Do you know whether the internal controls protecting the system are satisfactory?\r\n\r\nSmith: I suppose they are. No one has complained. What’s so important about controls anyway, as long as the system works?\r\n\r\nJones turns to you and asks you to explain computer control policies and procedures.\r\n\r\nRequired: Address your response to the following points:\r\n\r\na) State the principal objective of achieving control over (1) input, (2) processing, (3) output.\r\nb) Give at least three methods of archiving control over (1) source data, (2) processing, (3) output.\r\n