Auditing Standard 5: Information Technology General Controls Testing
This assignment addresses Objective 1: Overall Security, in Chapter 11: Auditing Computer-based Information Systems. It requires testing some form of access authorization control, typically called an IT General Control (IT GC). You will find posted on the course site AS 5 PowerPoint presentation. Please review as you do this assignment. Chapter 11 also plays a part in this assignment.
Required: A. Select a resource that is subject to access authorization control to access a resource. The resource can be anything, including hard assets or soft (information) assets. Also, it could be a non-financial or financial (accounting) resource. Examples: Access to
…show more content…
15, 2012. Risk | Types of errors and fraud:Unauthorized access to computer lab because of not scanning your student ID____________________________________________________________________ | Control objective(s) | List control objectives here:Card recognition scanner will test student IDs to determine if student belongs to the business school. | Control procedures | Briefly, describe here the relevant control procedure that you will test. Do NOT list other control procedures.I will test weather Business students successfully gain entrance into the Seagate Technology Lab with the use of their student ID. I will look at who gains entrance with their student ID and who uses other means of gaining entrance. | Audit procedure: System review | Not required. Please skip. | Audit procedure: Test of Controls | Test site location (if away from campus, provide address): Technology LabNature of test: Student ID Time period: (Select at least two time periods of at least 20 minutes each. Be careful to select representative time periods when the risk exposure is high.) 1. From 5:15 PM on Monday Dec 10 to 6:00 on Monday Dec 10 2. From 3:30 PM on Tues Dec 11 to 4:00 PM on Tues Dec 11 NOTE: Analyze the following by time periods and in the aggregate: A. The number of times the test failed: 13 B. The number of times the test was successful: 43 C. Percentage of authorization