Professional Documents
Culture Documents
0
1
Introduction
Terminologies
03
Systems Development
Controls
02
0
4 Related Case
0
5
Summary
06
Bibliography
Introduction
A systems development lifecycle
(SDLC) has three primary objectives:
ensure that high quality systems are
delivered, provide strong management
controls over the projects, and
maximize the productivity of the
systems staff.
In order to meet these objectives the
SDLC has many specific requirements
it must meet, including: being able to
support projects and systems of various
scopes and types, supporting all of the
technical activities, supporting all of the
management activities, being highly
usable, and providing guidance on how
to install it.
Terminologies
Source Program
a program written in a language other than machine code, typically a highlevel language.
Compiler
is a computer program (or a set of programs) that transforms source code
written in a programming language (the source language) into another
computer language (the target language), with the latter often having a
binary form known as object code.
Terminologies
Load Module
a program or combination of programs in a form ready to be loaded into
main storage and executed
Test of Controls
is an audit procedure to test the effectiveness of a control used by a client
entity to prevent or detect material misstatements
s s
m
L
e vitie
t
m
P
s ti
a
s
S
r
y
e
s
c
g
r
d
l
S A
o
u
e
o
l
r
g
r
t
l nt
d
P nt
o
e
ll in en
r
t
c
e
e
o
o
n
o
c
m
m
r
r yC
tr p
o
n
P
u
n
C iro
lo
o ar
o
it
e
A
S
d
C v
r
v
u
b
n
e
i
A
E
L
D
Co
Th
Au
e
Ch nt
S
di
R
r
W
i
tu
el t O
an oll
o
at
at
r
bj
ge ing
s
io
e
t
d ec
n: -C
Ac Pr
to tiv
a
N
o
tiv g
se
SD es
o
r
itie a
C
C
m
on
s
tro
ls
Systems
Developm
ent
Controls
Internal
Audit
User
Technical
Specification
Design
Activities
Activities
Systems
Authorization
Activities
User
TheParticipation
detailed
design
was
an
appropriate
and
computer
services
All
program
modules
must
be
IA
serve
as a
Select a sample of
IA play an
02
Technical
and
accurate
the user's
management
properly
authorized
Test
team:
IA department
needs
beforeto
they
are
completed projects thoroughly tested solution
liaison
between
project.
user
personnel,
complexity
of
problem
the
important
role
01
02
(current
&
previous)
01
to beview
independent,
user's
implemented
of
SCOP
results
systems
professionals;
A
Test
show
that
the
system
was
preliminary
feasibility
study
Users in
active
users
and
the
the
system
the
control
The
results
of
the
tests
are
then
E
Technical
Translate
and
the
problem
objective,user
and
at
systems
analysis
thoroughly
tested
both
the individual
showed
that
the
project
had
not
stifle
against
predetermined
should
systems
internal
auditors
Individual
modules
need
toset
befor compared
specifications
into
ainvolvement
Design
SDA
Requires
a formal
Should
Review
documentation
be
properly
results
A detailed analysis
user needs was
of
detailed
technical
user ofprofessionals
evidence
of compliance
Activities
formally
and rigorously
tested
implementation
environment
authorized to identify
Joint
efforts of
analysis,
and
programming
and
logic
Testing
specifications
conducted
that
resulted
in
alternative
There
is
a
checklist
of
specific
problems
Detailed
as a whole
involvement
x systems
03
USEtheperiod,
detailed
systems
conceptual
designs
detected
the
conversion
user along
and
errors;
and during
written
professionals
Once
the
test
team
is satisfied
Details
results of the
Specific points
forand
review
with
evidence
that
they
were
corrected
in the
R
design
A cost-benefit
analysis
was
to verify
the module's
internal
logic
systems
the
system
can be transferred
should
include
The adequacy
of 03need tomaintenance
Documentation
04
tests
performed
be
phase
report
ofreasonably
the
conducted
using
User
Specification
to
the
user
User
Test
and
Acceptance
Test
data
Internal
Audit
determining
that:
professional
these activities
is
is
both
a control
Systems
documentation
complies
with
formally documented
and
accurate
figures
timeParticipation
consuming
measuredActivities
by the
and evidence
of
user's needs
Procedure
organizational
requirements
and involved
are
analyzed
preserved to meetcontrol
future audit
quality of the should bestandards
documentation objectives
Program
Technical DesignTests
of Systems Development
Systems Authorization
Testing Controls
Activities
Activities
Transactions File
Acct
Num
Name
432
John
Smith
Sale
Amou
nt
100
AR Update
Application
Predetermined
Results: New
Balance = 1100
Compare
Test Accounts
Receivable Master File
Acct
Num
Name
Sale
Amou
nt
432
John
Smith
1000
Actual
Test
Results
substantial changes
Longest period
01
formal authorizations
02
To
minimiz technical specifications
e the
testing and documentation updates
risk:
03
Source
Program
Library
Controls
Systems
development
programmers
SPL
SOURCE
PROGRAM
Production Load
Library
Compiler
Program
Systems
Maintenance
Programmers
Object
Module
Link Edit
Program
PROGRAM
LOAD
MODULE
PRODUCTION
APPLICATION
As a practical matter,
production application
programs in their
source code be
the threat of
unauthorized
modification
In fact, we could
destroy it if no future
changes were ever to
be made to the
application
S
NNOO OLLS
TTRRO
N
CCOON
Text
Text
controls is nonexistent
Text
Text
Text
Text
Audit Procedures
Audit Procedures for Identifying Unauthorized Program Changes
Reconcile Program Version Numbers
Confirm Maintenance Authorization
Related Case
In the context of urban planning, the present system of development control in
most local authorities in Malaysia is by the granting or refusal of planning
permission for development. The local authority is empowered to grant or refuse
any planning application in its area. The recent amendment to the planning
statute requires that certain planning application be accompanied by a
development proposal report which include a written statement and a plan to (i)
describe the present condition of the land to which the application relates; and
(ii) describe the proposed development, in particular on how it would be likely to
have a significant effect on the built environment.
Development control and approval, which involves the process of analyzing the
appropriateness of planning applications, requires various data from the relevant
agencies. A planning application will be assessed in terms of current
development scenario, land information, planning requirements and planning
design .Consideration given to an application requires a tedious process as it will
have to go through several committees and technical evaluation.
Information required for a development proposal report would therefore include the following
major aspects:
i.Status of land and restrictions;
ii. Land use analysis and intensity of development this includes land use zoning, population
density zoning, height limit, plot ratio, plinth area, predetermined public area;
iii. Analysis of issues and potential of sites this includes site location, existing drainage system,
topography and slope, existing road system, existing land use, natural features which must be
preserve and development potential;
iv. Analysis of surrounding development this includes infrastructure, type, intensity and facilities
available in the surrounding area;
v. Structure Plan and Local Plan policy, if available.
II.
III.
Summary
System software refers to the operating system, database management systems and other
software that increases the efficiency of processing. Application software refers to particular
applications such as sales or wages. The controls over the development and maintenance of
both types of software are similar and include:
Controls over application development, such as good standards over the system design and
program writing, good documentation, testing procedures (eg use of test data to identify
program code errors, pilot running and parallel running of old and new systems), as well as
segregation of duties so that operators are not involved in program development
Controls over program changes to ensure no unauthorised amendments and that changes
are adequately tested, eg password protection of programs, comparison of production
programs to controlled copies and approval of changes by users
Controls over installation and maintenance of system software many of the controls
mentioned above are relevant, eg authorisation of changes, good documentation, access
controls and segregation of duties.
Bibliography
http://itsystemsdevelopment.pdf
Accounting Information System by James Hall 6th Edition
Foziah_Johar_fab.pdf