In accounting systems, certain controls are needed to ensure that employees are doing their jobs properly and ensure that the system runs properly. These checks are in the best interest of the organization. These controls come in the form of internal and external controls for the system. The internal controls are the checks that are placed in the system my the company's own management and directors. Today more and more companies are moving from the manual accounting systems to computerized accounting information systems. The advantages of a computerized system are increases in the speed and accuracy of processing accounting information. However, as systems become computerized, the internal controls for that system has to be adapted accordingly. This is because computerized systems bring with them certain unique problems that can only be removed or minimized by adapting the present controls and adding new controls. These problems are
· In a manual system there is a paper trail for the internal auditor to follow. All records and transactions are kept on paper and so an auditor has clear and documented proof of what has transpired. Computerized systems rarely have a clear paper trail to follow. Since computers do all of the sorting of the information the company rarely sorts the source documents. Also the computer does most of the calculations and processing so there would not be the amount of documentation that there would be in a manual system.
· Another problem of computer systems is the fact that there can be difficulty in determining who entered the data. In a manual system the identity of the person entering the data can be identified possibly by the person's handwriting. This cannot be done in a computerized system. This makes it very difficult to determine who is responsible for errors or fraud. · Since the computers do all calculations and processing errors can occur due to bad design of the program. This can be difficult to detect especially if the error does not occur frequently and only does so under particular conditions.
· Computer systems also offer new opportunities for fraud. If a computerized system is not set up properly and certain checks not put in then the computer system can be used to defraud the company. The fact that it is difficult to trace who enters the data only adds to the magnitude of this.
In order to minimize the risks of errors or fraud occurring in the computer system certain controls have to be put into place. These controls can be broken up into three different categories. They are
1. Administrative Controls
2. Systems Development Controls
3. Procedural Controls
Administrative controls are those controls are those controls that are placed on the system to ensure the proper organization and processing of data. These administrative controls are
Division of duties.
Duties are assigned to different individuals in the organization. This is done in such a way that no one person can have full control over a transaction. This ensures that an individual cannot have full control over the creation and operating of the system. One reason for this division is having one person controlling the system can result in fraud if that person is not completely trustworthy. Another reason for the division of duties is to prevent the organization from becoming totally dependent on the person controlling the computer system. If this person were to leave then the organization would have no one to run the system. The division of duties ensures that employees can leave without having any major effect on the system.
Operation controls are necessary controls since they since they determine what the computer systems and the employees using the system have been doing. These controls can come in the form of
· rotation of shifts...