ACCA SBL Syllabus E. Technology And Data Analytics - Information Technology Controls - Notes ^{2 / 5}

These can be split into general controls and application controls

General controls:

As the name suggests these apply to all IT applications and are not specific 

Examples

1. Back-up procedures, anti-virus software and firewalls

2. The process of purchasing hardware & software acquisition and their maintenance

3. Physical access controls (to servers etc) as well as passwords etc

Application Controls:

These are SPECIFIC controls over a particular process (eg. Sales orders, wages etc)

Examples

1. Range tests which reject data outside the given range (e.g. Enter your phone number but there’s too many/few digits and it will highlight the error)

2. Numerical sequence checks to ensure that all accountable documents have been processed

3. Drop down menus which constrain choices and ensure only allowable entries can be made

4. Batch total checks

Again here this just takes common sense from the scenario to ensure all the obvious controls are in place - don’t try and be too clever.

Think passwords, laptop security overnight etc - overall use the scenario