The Entity-Level controls associated with ABC Ferries include a Disaster Recovery Plan, and an Internal Audit of all IT records. Because the Disaster Recovery Plan focuses on higher-level issues, ensuring that all information is backed up off-site and a complete plan is in place in case of a disaster, it is considered an Entity-Level control. In addition, the Internal Audit is performed to help detect fraud and is an overall policy that is in place, making it an Entity-Level control as well.
The IT General Controls in the system are an Employee Login ID and Fingerprint Scanner, Removal of Duplicate Entries, and a Summary of Employee Logs. IT General Controls are put into place to address potential or real risks within an IT System and …show more content…
An Application Control ensures that a specific business process is being done correctly in order to achieve specific goals or avoid risks. The Membership Card Validation occurs when an employee swipes the membership card of an individual, and ensures that the individual is in fact a current member, reducing the risk of an individual claiming to be a member without paying for a membership. Because the Membership Card Validation is used in only one application, it is considered an application control. The Ticket Verification System involves scanning a barcode on a customer’s ticket in order to ensure that their record is in the system which is related to a specific application, causing it to be classified as an application …show more content…
The Summary of Employee Logs is considered a detective control because the manager reviews them to see if anything is out of the ordinary, and to detect accidental errors as well as possible fraud or intentional mistakes. The Membership Card Validation is used to ensure that individuals claiming to be members actually have current memberships, and is considered detective because it will signal if someone is trying to falsely claim to be a member. The Ticket Verification System is detective because it will report if the ticket doesn’t match what is stored in the system, and signal that there is either an error, or the ticket is