Federal Information System Controls Audit Manual (FISCAM)

Original publisher: [Washington, D.C.]: U.S. Govt. Accountability Office, [2008] OCLC Number: (OCoLC)244110793 Subject: Information resources management -- United States -- Auditing -- Handbooks, manuals, etc. Excerpt: ... Exposure Draft BUSINESS PROCESS APPLICATION CONTROLS Completeness - controls provide reasonable assurance that all transactions that occurred are input into the system, accepted for processing, processed once and only once by the system, and properly included in output. Accuracy - controls provide reasonable assurance that transactions are properly recorded, with correct amount / data, and on a timely basis ( in the proper period ); key data elements input for transactions are accurate; data elements are processed accurately by applications that produce reliable results; and output is accurate. Validity - controls provide reasonable assurance ( 1 ) that all recorded transactions and actually occurred ( are real ), relate to the organization, are authentic, and were properly approved in accordance with management's authorization; and ( 2 ) that output contains only valid data. Confidentiality - controls provide reasonable assurance that application data and reports and other output are protected against unauthorized access. Page 13