UBC Theses and Dissertations
Internal control of computer applications Schroeder, Harold John
The use of computers is becoming increasingly prevalent in business. They are used, not only to store vast amounts of information, but also to carry out record keeping procedures for assets, equities and expenses that may each involve large dollar amounts. There are a variety of factors which make the computer more complex than any of the preceding innovations in the field of data processing. Perhaps the most important of these factors is the non-readable form of records that could previously be read. In their new form they are readable only when a specific effort is made to put them into readable form. Such complexities, it is suggested, mean that a new system of internal control must be prepared and maintained to ensure the protection of the records and hence the assets of the organization, especially the monetary assets. How can internal control be maintained? This is a very important problem that needs to be solved by every firm contemplating the acquisition of a computer. Failure to solve this problem prior to the time when a computerized system becomes operational, could have very serious repercussions. Retailers offering customer credit, for example, have accounts receivable that constitute a large percentage of total assets. The loss of all, or part, of the subsidiary ledger could precipitate financial ruin. The question of internal control must, therefore, be faced and procedures devised to achieve and maintain control. But how? Obviously the drastic changes in a system employing a computer leave some of the old methods of control out of date and completely inadequate. Moreover, the complexity of the new system and its machinery creates new situations requiring controls heretofore never required or visualized. It is the purpose of this thesis to identify and outline some of the internal control problems that arise with the introduction and operation of a computerized system. An attempt is made to provide solutions to these new problems as they are presented in this thesis. The problems and their solutions have been identified and organized using two main sources of information: a) the specialized literature in the field. b) case histories available to the writer, as an internal auditor significantly involved in the internal control of computerized systems.
Item Citations and Data