pertemuan 17-18 matakuliah: a0214/audit sistem informasi tahun: 2007
Post on 22-Dec-2015
218 views
TRANSCRIPT
![Page 1: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/1.jpg)
Pertemuan 17-18
Matakuliah : A0214/Audit Sistem InformasiTahun : 2007
![Page 2: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/2.jpg)
Bina Nusantara
APPLICATION RISK AND CONTROLS
![Page 3: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/3.jpg)
Bina Nusantara
Application Risks• Weak security• Unauthorized access to data• Unauthorized remote access• Inaccurate information• Erroneous or falsified data input• Misuse by authorized end users• Incomplete processing• Duplicate transactions• Untimely processing• Communications system failure• Inadequate training• Inadequate support
![Page 4: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/4.jpg)
Bina Nusantara
End User Computing (EUC) Application Risks• Inefficient use of resources• Incompatible systems• Redundant systems• Ineffective implementations• Absence of separation of duties• Unauthorized access to data or programs• Copyright violations• The destruction of information by computer viruses
![Page 5: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/5.jpg)
Bina Nusantara
Electronic Data Interchange (EDI)Application Risks
• Loss of Business Continuity / Going Concern Problem
• Interdependence• Loss of confidentiality or sensitive information• Increased exposure to fraud• Manipulation of payment• Loss of transactions
![Page 6: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/6.jpg)
Bina Nusantara
Electronic Data Interchange (EDI)Application Risks
• Errors in information and communication systems• Loss of audit trail• Concentration of control• Application failure• Potential legal liability• Overcharging by third party service providers• Manipulation of organization• Not achieving anticipated cost savings
![Page 7: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/7.jpg)
Bina Nusantara
Implications of risks in an EDI systems
• Potential loss of transaction audit trail• Increased exposure to ransom, blackmail, or
fraud• Disruption of cash flows• Loss of profitability• Damage to reputation• Financial collapse
![Page 8: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/8.jpg)
Bina Nusantara
Application Controls• Input Controls• Interfaces• Authenticity• Accuracy• Processing controls• Completeness
![Page 9: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/9.jpg)
Bina Nusantara
Application Controls• Error correction• Output controls• Reconciliation• Distribution• Retention• Functional Testing and Acceptance• Management Approval
![Page 10: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/10.jpg)
Bina Nusantara
Documentation Requirements• Standards and descriptions of procedures• Instructions to personnel• Flowcharts• Data flow diagrams• Display or report layout• Other materials that describe the systems
![Page 11: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/11.jpg)
Bina Nusantara
Application Software Life Cycle• System Development Methodology
– An information systems strategy that guides developers in building systems that are consistent with the organization’s technical and operational goals
– Standards that guide in selection of hardware, software, and in developing new systems
– Policies and procedures that support the organization’s goals and objectives
– Project management which ensures that project are completed on time and within budget
• User Interface– Means by which the user interacts with the system.
![Page 12: Pertemuan 17-18 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007](https://reader035.vdocument.in/reader035/viewer/2022062320/56649d815503460f94a6596a/html5/thumbnails/12.jpg)
Bina Nusantara
Application Maintenance• Corrective maintenance
– Emergency program fixes and routine debugging
• Adaptive maintenance– Accommodation of change
• Perfective maintenance– User enhancements– Improve documentation– Recording for efficiency