Accounting Module: Detailed Explanation of 25 Accounting Definitions
VerifiedAdded on 2023/01/05
|7
|2602
|21
Homework Assignment
AI Summary
This assignment provides a detailed explanation of 25 essential accounting definitions. It covers a wide range of topics, including echo control, validity control, check digit control, boundary protection, and file integrity, as well as interleaving, self-checking digits, and reasonableness tests. The document also defines crucial aspects of auditing, such as the CIS environment, auditing around and through the computer, and CAATs techniques. Furthermore, it explains concepts like bluesnarfing, splogging, and vishing. It also includes definitions of preventive, detective, and corrective controls, electronic data interchange (EDI), optical character recognition (OCR), operating software (OS), and service auditor reports. Finally, it provides information on how to limit access to important data. This is a valuable resource for students seeking to understand core accounting terminology and concepts.
Accounting 25
DEFINITIONS:
1. Echo control
Also called an echo check, an echo is data repeated back to the sender by the recipient, to verify that it
was received correctly. For example, in a command line you can use the echo command to echo any text
to the screen. The same can be applied for printers.
Echo is the local display of data, either initially as it is locally sourced and sent, or finally as a copy of it
is received back from a remote destination. Local echo is where the local sending equipment displays
the outgoing sent data. Remote echo is where the display is a return copy of data as received remotely.
Both are used together in a computed form of error detection to ensure that data received at the remote
destination of a telecommunication are the same as data sent from the local source (a/k/a echoplex, echo
check, or loop check). When (two) modems communicate in echoplex mode the remote modem echoes
whatever it receives from the local modem.
DEFINITIONS:
1. Echo control
Also called an echo check, an echo is data repeated back to the sender by the recipient, to verify that it
was received correctly. For example, in a command line you can use the echo command to echo any text
to the screen. The same can be applied for printers.
Echo is the local display of data, either initially as it is locally sourced and sent, or finally as a copy of it
is received back from a remote destination. Local echo is where the local sending equipment displays
the outgoing sent data. Remote echo is where the display is a return copy of data as received remotely.
Both are used together in a computed form of error detection to ensure that data received at the remote
destination of a telecommunication are the same as data sent from the local source (a/k/a echoplex, echo
check, or loop check). When (two) modems communicate in echoplex mode the remote modem echoes
whatever it receives from the local modem.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
2. Validity control
process of ensuring that a concept or construct is acceptable in the context of the process or system that
it is to be used in. for example, in computer systems which revolve around the creation, consumption
and manipulation of data, it is very important that all data are correct before processing to ensure that no
errors are encountered. A validity check is done on the input data to ensure that it meets the
requirements of the system.
Validation does not ensure that the data entered is correct, just that it is possible and sensible. A user
may accidentally enter a date of birth that is possible and sensible, but incorrect. The program has no
way of knowing that the date has been entered incorrectly. To get around this, many programs include
verification checks - they repeat the entered data to the user and ask them to confirm if this data is
correct. If the user confirms the data, the program then assumes it to be correct. This is an example of
how planning the design of a program can help reduce errors. Validation can be very simple. This
program will iterate until the user enters a correct response:
TYPES:
Range check - the input must fall within a specified range. This is usually applied to numbers and
dates, but can apply to characters. For example, when making a payment to someone, the amount to
be entered might be set to be greater than zero and not greater than the funds available.
Length check - the input must not be too long or too short. For example, a surname will require at
least one letter, but is unlikely to require more than 40.
Presence check - a data value must be entered. For example, entering a quantity when placing an
order.
Format check - the data must be in the correct format, such as entering a date in the format
DD/MM/YYYY.
Type check - the data must be of a specified data type, such as an integer when specifying a quantity.
3. Check digit control
A check digit is the final digit in a code of numbers. It is calculated from all the other digits in the code.
Its purpose is to spot human errors on data entry. Check digits are often found on barcodes.
4. Boundary protection
"monitoring and control of communications at the external boundary of an information system to
prevent and detect malicious and other unauthorized communication." Protection is achieved through the
use of gateways, routers, firewalls, guards, and encrypted tunnels.
5. File integrity
process of ensuring that a concept or construct is acceptable in the context of the process or system that
it is to be used in. for example, in computer systems which revolve around the creation, consumption
and manipulation of data, it is very important that all data are correct before processing to ensure that no
errors are encountered. A validity check is done on the input data to ensure that it meets the
requirements of the system.
Validation does not ensure that the data entered is correct, just that it is possible and sensible. A user
may accidentally enter a date of birth that is possible and sensible, but incorrect. The program has no
way of knowing that the date has been entered incorrectly. To get around this, many programs include
verification checks - they repeat the entered data to the user and ask them to confirm if this data is
correct. If the user confirms the data, the program then assumes it to be correct. This is an example of
how planning the design of a program can help reduce errors. Validation can be very simple. This
program will iterate until the user enters a correct response:
TYPES:
Range check - the input must fall within a specified range. This is usually applied to numbers and
dates, but can apply to characters. For example, when making a payment to someone, the amount to
be entered might be set to be greater than zero and not greater than the funds available.
Length check - the input must not be too long or too short. For example, a surname will require at
least one letter, but is unlikely to require more than 40.
Presence check - a data value must be entered. For example, entering a quantity when placing an
order.
Format check - the data must be in the correct format, such as entering a date in the format
DD/MM/YYYY.
Type check - the data must be of a specified data type, such as an integer when specifying a quantity.
3. Check digit control
A check digit is the final digit in a code of numbers. It is calculated from all the other digits in the code.
Its purpose is to spot human errors on data entry. Check digits are often found on barcodes.
4. Boundary protection
"monitoring and control of communications at the external boundary of an information system to
prevent and detect malicious and other unauthorized communication." Protection is achieved through the
use of gateways, routers, firewalls, guards, and encrypted tunnels.
5. File integrity
process of protecting a file from unauthorized changes, including cyber-attacks. In other words, a files
'integrity is validated to determine whether or not it has been altered after its creation, curation,
archiving or other qualifying event. Companies can monitor file integrity by leveraging advanced file
integrity monitoring (FIM) tools that help automatically track and alert IT admins to unauthorized
modifications across critical files.
With regular file integrity testing, IT administrators can keep track of unauthorized file access, alert
security professionals if an anomaly is detected, and mitigate cyberthreats. File integrity monitoring
works by first creating a baseline, which acts as a reference point and is periodically analyzed to detect
tampering or fraud.
6. Interleaving
Interleaving is a tool that is used to enhance existing error correcting codes so that they can be used to
perform burst error corrections as well.
Most error correcting codes (ECCs) are designed to correct random errors, i.e. error
caused by additive noise that is independent of each other. Burst error are the errors that
occur in a sequence or as groups. They are caused due to defects in storage media or
disruption in communication signals due to external factors like lightning etc.
Interleaving modifies the ECC or does some processing on the data after they are
encoded by ECCs.
TYPES:
Periodic Interleaving - In this case, the message is ordered in a repeating sequence of bytes. The
interleaver accepts data symbols in blocks and performs identical permutations on the blocks before
transmitting them. For example, the sequential blocks of code may be written to a matrix in a row-wise
manner and then read out from the matrix in a column-wise manner. Block interleaving is a type of
periodic interleaving.
Pseudo-random Interleaving - Pseudo-random interleaving involves rearrangement of the message
blocks in a pseudo-random sequence generated by specific algorithms.
'integrity is validated to determine whether or not it has been altered after its creation, curation,
archiving or other qualifying event. Companies can monitor file integrity by leveraging advanced file
integrity monitoring (FIM) tools that help automatically track and alert IT admins to unauthorized
modifications across critical files.
With regular file integrity testing, IT administrators can keep track of unauthorized file access, alert
security professionals if an anomaly is detected, and mitigate cyberthreats. File integrity monitoring
works by first creating a baseline, which acts as a reference point and is periodically analyzed to detect
tampering or fraud.
6. Interleaving
Interleaving is a tool that is used to enhance existing error correcting codes so that they can be used to
perform burst error corrections as well.
Most error correcting codes (ECCs) are designed to correct random errors, i.e. error
caused by additive noise that is independent of each other. Burst error are the errors that
occur in a sequence or as groups. They are caused due to defects in storage media or
disruption in communication signals due to external factors like lightning etc.
Interleaving modifies the ECC or does some processing on the data after they are
encoded by ECCs.
TYPES:
Periodic Interleaving - In this case, the message is ordered in a repeating sequence of bytes. The
interleaver accepts data symbols in blocks and performs identical permutations on the blocks before
transmitting them. For example, the sequential blocks of code may be written to a matrix in a row-wise
manner and then read out from the matrix in a column-wise manner. Block interleaving is a type of
periodic interleaving.
Pseudo-random Interleaving - Pseudo-random interleaving involves rearrangement of the message
blocks in a pseudo-random sequence generated by specific algorithms.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
7. Self-checking digits
an extra digit is added to a number. The extra digit is computed from the other digits in the number. The
computer program can then check input by recomputing and comparing the check digit.
8. Reasonableness tests
a common-sense check. Does the data fall within an accepted range or consist of accepted values? Does
it even make sense? That is really the question. In order to perform a reasonableness test, you first need
to understand your data set and determine what is reasonable.
9. Crucial for auditing in Personal computer
Proper audit task for PC
Proper software to perform audit task
10. CIS environment
A CIS environment exists when a computer of any type or size is involved in the processing by the
entity of financial information of significance to the audit, whether that computer is operated by the
entity or by a third party.
11. Auditing around the computer 12. Embedded audit modules
arriving at an audit opinion through examining and
evaluating management controls and then input and
output ONLY for application systems.
In this case, the application system's processing is
not examined directly. Instead the auditors view the
computer simply as a black box. Auditors should
audit around the computer only when it is the most
cost effective way to conduct the audit. The
circumstance arises only when an application
system has 3 characteristics :
1. The system is simple and batch oriented
2. It is cost-effective to audit around the
computer when an application system uses a
generalized package as its software
platform.
3. When a high reliance is placed on user
controls than computer controls, to
safeguard assets, maintain data integrity and
attain effectiveness and efficiency
objectives.
Thus, audit around the computer is beneficial only
when the inherent risk is low. Input transactions are
batched, and control is maintained using traditional
methods like segregation of duties and management
supervision. A clear audit trail should exist.
Detailed reports are prepared at key points within
the system.
An embedded audit module is code inserted into an
application program that creates notifications when
transactions meet certain criteria. The intent behind
an embedded audit module is to give auditors real-
time notifications of transactions that might be in
error, or which possess characteristics that are
worthy of further review. This information is useful
for developing more robust internal controls, as
well as for spotting instances of potentially
fraudulent transactions.
The “Embedded audit module approach” is an
approach that will assist auditors with audit
calculations by enabling continuous monitoring in
the audit environment. A known weakness to the
embedded audit approach is that it requires
implementation in a weak system design.
Audit Through the Computer
Auditors are presently more involved in auditing through the computer to test (1) processing logic
and controls existing within the system and (2) records produced by the system. Depending upon the
complexity of the system, the task of the auditor may be simple or require extensive technical
competence. It must be used in the following circumstances.
1. Inherent risk associated with the application system is high
an extra digit is added to a number. The extra digit is computed from the other digits in the number. The
computer program can then check input by recomputing and comparing the check digit.
8. Reasonableness tests
a common-sense check. Does the data fall within an accepted range or consist of accepted values? Does
it even make sense? That is really the question. In order to perform a reasonableness test, you first need
to understand your data set and determine what is reasonable.
9. Crucial for auditing in Personal computer
Proper audit task for PC
Proper software to perform audit task
10. CIS environment
A CIS environment exists when a computer of any type or size is involved in the processing by the
entity of financial information of significance to the audit, whether that computer is operated by the
entity or by a third party.
11. Auditing around the computer 12. Embedded audit modules
arriving at an audit opinion through examining and
evaluating management controls and then input and
output ONLY for application systems.
In this case, the application system's processing is
not examined directly. Instead the auditors view the
computer simply as a black box. Auditors should
audit around the computer only when it is the most
cost effective way to conduct the audit. The
circumstance arises only when an application
system has 3 characteristics :
1. The system is simple and batch oriented
2. It is cost-effective to audit around the
computer when an application system uses a
generalized package as its software
platform.
3. When a high reliance is placed on user
controls than computer controls, to
safeguard assets, maintain data integrity and
attain effectiveness and efficiency
objectives.
Thus, audit around the computer is beneficial only
when the inherent risk is low. Input transactions are
batched, and control is maintained using traditional
methods like segregation of duties and management
supervision. A clear audit trail should exist.
Detailed reports are prepared at key points within
the system.
An embedded audit module is code inserted into an
application program that creates notifications when
transactions meet certain criteria. The intent behind
an embedded audit module is to give auditors real-
time notifications of transactions that might be in
error, or which possess characteristics that are
worthy of further review. This information is useful
for developing more robust internal controls, as
well as for spotting instances of potentially
fraudulent transactions.
The “Embedded audit module approach” is an
approach that will assist auditors with audit
calculations by enabling continuous monitoring in
the audit environment. A known weakness to the
embedded audit approach is that it requires
implementation in a weak system design.
Audit Through the Computer
Auditors are presently more involved in auditing through the computer to test (1) processing logic
and controls existing within the system and (2) records produced by the system. Depending upon the
complexity of the system, the task of the auditor may be simple or require extensive technical
competence. It must be used in the following circumstances.
1. Inherent risk associated with the application system is high
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
2. Application system processes large volumes of data and produces large volume of output, that make
extensive, direct examination of the validity of input and output difficult to undertake.
3. Large portions of system code are intended to facilitate use of the system or efficient processing.
The primary advantage here, is that auditors have increased power to test an application system
effectively. They can expand the range and capability of the tests they can perform and thus increase
their confidence in the reliability of the evidence collection and evaluation.
This system has two dis-advantages
1. It can sometimes be costly, especially in terms of labor hours that must be expended to understand
the internal workings of the application system
2. It will require the auditors to have high level of technical expertise to understand the complex
application systems.
13. CAATs Technique
Integrated test data
Audit modules
Audit hooks
14. Blue snarfing
Bluesnarfing is the unauthorized access of information from a wireless device through
a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistant).
Both Bluesnarfing and Bluejacking exploit others' Bluetooth connections without their knowledge.
While Bluejacking is essentially harmless as it only transmits data to the target device, Bluesnarfing is
the theft of information from the target device.
15. Splogging
A blog with automatically generated content designed to promote related commercial websites by
inflating their search engine rankings.
16. Vishing
the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable
companies in order to induce individuals to reveal personal information
17. Preventive Control 18. Detective Control 19. Corrective Control
controls to stop something
- before a possible event
Preventive controls can be as
simple as locks and access codes
to sensitive areas of a building or
passwords for confidential
information.
controls to find out if it happened
- during an event
A security camera is a good
example of a detective control. A
store manager who notices a
pattern of a cash drawer coming
up short when attended by a
particular clerk can easily look at
video of the clerk’s actions
throughout the day to detect
potential theft.
controls to repair/fix the
consequences - after an event
Coupled with preventive and
detective controls, corrective
controls help mitigate damage
once a risk has materialized. An
organization can document its
policies and procedures,
enforcing them by means of
warnings and employee
termination when appropriate.
20. Electronic data interchange (EDI)
is the concept of businesses electronically communicating information that was traditionally
communicated on paper, such as purchase orders and invoices. Technical standards for EDI exist to
facilitate parties transacting such instruments without having to make special arrangements.
extensive, direct examination of the validity of input and output difficult to undertake.
3. Large portions of system code are intended to facilitate use of the system or efficient processing.
The primary advantage here, is that auditors have increased power to test an application system
effectively. They can expand the range and capability of the tests they can perform and thus increase
their confidence in the reliability of the evidence collection and evaluation.
This system has two dis-advantages
1. It can sometimes be costly, especially in terms of labor hours that must be expended to understand
the internal workings of the application system
2. It will require the auditors to have high level of technical expertise to understand the complex
application systems.
13. CAATs Technique
Integrated test data
Audit modules
Audit hooks
14. Blue snarfing
Bluesnarfing is the unauthorized access of information from a wireless device through
a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistant).
Both Bluesnarfing and Bluejacking exploit others' Bluetooth connections without their knowledge.
While Bluejacking is essentially harmless as it only transmits data to the target device, Bluesnarfing is
the theft of information from the target device.
15. Splogging
A blog with automatically generated content designed to promote related commercial websites by
inflating their search engine rankings.
16. Vishing
the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable
companies in order to induce individuals to reveal personal information
17. Preventive Control 18. Detective Control 19. Corrective Control
controls to stop something
- before a possible event
Preventive controls can be as
simple as locks and access codes
to sensitive areas of a building or
passwords for confidential
information.
controls to find out if it happened
- during an event
A security camera is a good
example of a detective control. A
store manager who notices a
pattern of a cash drawer coming
up short when attended by a
particular clerk can easily look at
video of the clerk’s actions
throughout the day to detect
potential theft.
controls to repair/fix the
consequences - after an event
Coupled with preventive and
detective controls, corrective
controls help mitigate damage
once a risk has materialized. An
organization can document its
policies and procedures,
enforcing them by means of
warnings and employee
termination when appropriate.
20. Electronic data interchange (EDI)
is the concept of businesses electronically communicating information that was traditionally
communicated on paper, such as purchase orders and invoices. Technical standards for EDI exist to
facilitate parties transacting such instruments without having to make special arrangements.
21. Optical character recognition (OCR)
Electronic or mechanical conversion of images of typed, handwritten or printed text into machine-
encoded text, whether from a scanned document, a photo of a document, a scene-photo (for example the
text on signs and billboards in a landscape photo) or from subtitle text superimposed on an image (for
example: from a television broadcast).
22. Operating software (OS)
system software that manages computer hardware, software resources, and provides common services
for computer programs.
23. Service auditors reports on
Implemented controls
Operating effectiveness
24. How to limit access to important data
Encryption
Digital Sign
Firewalls
Passwords
25. Auditing through the computer
Test data
Parallel simulation
Embedded audit module
KEY TIPS
• Observation – best way to determine effectiveness of access control.
• Audit trail is changed upon switching from manual to computer process.
• You can assess control risk at maximum when – Assets are few in transactions but material in amount
• System flow chart = Visual , Questionnaires = narratives
• Check digit examples
• Batch processing & real time processing
• CIS environment definition
• Segregation of duty in CIS environment
• Investigating the existence of an asset is not CAATs
• Backup should be done by all department using Computer or other devices that that
can access database for effective internal control.
• Database management = minimal to no data redundancy
• Proper documentation = higher understandability
• Hash total = Nonfinancial figures numerical sum of one or more fields in a file, including data not
normally used in calculations, such as account number. The original hash total is stored, and when required,
the data are recalculated and compared with the original. If data are lost or changed, a mismatch signals an
error. Used for decades, hash totals were always a simple verification method.
• With effective control = test of control, without = proceed to substantive
• Default settings of Wireless access points = Set at lowest security level
Electronic or mechanical conversion of images of typed, handwritten or printed text into machine-
encoded text, whether from a scanned document, a photo of a document, a scene-photo (for example the
text on signs and billboards in a landscape photo) or from subtitle text superimposed on an image (for
example: from a television broadcast).
22. Operating software (OS)
system software that manages computer hardware, software resources, and provides common services
for computer programs.
23. Service auditors reports on
Implemented controls
Operating effectiveness
24. How to limit access to important data
Encryption
Digital Sign
Firewalls
Passwords
25. Auditing through the computer
Test data
Parallel simulation
Embedded audit module
KEY TIPS
• Observation – best way to determine effectiveness of access control.
• Audit trail is changed upon switching from manual to computer process.
• You can assess control risk at maximum when – Assets are few in transactions but material in amount
• System flow chart = Visual , Questionnaires = narratives
• Check digit examples
• Batch processing & real time processing
• CIS environment definition
• Segregation of duty in CIS environment
• Investigating the existence of an asset is not CAATs
• Backup should be done by all department using Computer or other devices that that
can access database for effective internal control.
• Database management = minimal to no data redundancy
• Proper documentation = higher understandability
• Hash total = Nonfinancial figures numerical sum of one or more fields in a file, including data not
normally used in calculations, such as account number. The original hash total is stored, and when required,
the data are recalculated and compared with the original. If data are lost or changed, a mismatch signals an
error. Used for decades, hash totals were always a simple verification method.
• With effective control = test of control, without = proceed to substantive
• Default settings of Wireless access points = Set at lowest security level
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
• Revisions in software should be approved
• Online real time = valid users are the only one who can access the files
• Tracing from invoice to Shipping docs = sales are actually delivered
• Test data sample
• Higher professional reputation = higher trust in his/her report
• Purpose of IT audit = review and evaluate internal controls that protect the system
• To check the user ID and password control = try to sign in using invalid ID and pass
• XRBL instance document
• Poor implementation of new CIS = lack of communication and training
• Effects of outsourcing AIS
• Characteristic of Online processing system
• Responsibility of database admin
• POS terminals = real-time
• Generalized audit software limitations
• Understanding controls = easier on flowcharts
• Online real time = valid users are the only one who can access the files
• Tracing from invoice to Shipping docs = sales are actually delivered
• Test data sample
• Higher professional reputation = higher trust in his/her report
• Purpose of IT audit = review and evaluate internal controls that protect the system
• To check the user ID and password control = try to sign in using invalid ID and pass
• XRBL instance document
• Poor implementation of new CIS = lack of communication and training
• Effects of outsourcing AIS
• Characteristic of Online processing system
• Responsibility of database admin
• POS terminals = real-time
• Generalized audit software limitations
• Understanding controls = easier on flowcharts
1 out of 7
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.