Following are the key internal control issues which concerns the auditor while conducting audit in an EDP environment.
The computerized information system should verify the identity of the person or process before any input is allowed. Passwords and User ID/ personal identification numbers are commonly used control procedures for this.
Correctness of input data and processes is the important part of internal control.
Completeness of data and processing is also very important. Procedures commonly employed to ensure completeness are edit tests and financial control totals.
This implies that data item should be processed only once. There should be no redundant data.
e. Assets Safeguarding:
This implies that all resources of the computer system including data files should be protected from destruction and corruption. Back up data files should be maintained in back up servers.
f. Existence of Audit Trail:
The source and nature of all data and processes that update database from which the financial statements are generated should be recorded in the system.