整合控制 Integrity controls

Integrity controls include data integrity and systems integrity.

1. Input controls

Input controls should ensure accuracy, completeness and validity of input. There are two terms should be noted, one is data verification, which involves ensuring data entered matches source documents; the other one is data validation, it involves ensuring the data entered completely and reasonable. There are various types of checks can be used:

(1)Control totals

(2)Hash totals

(3)Range check

(4)Limit checks

(5)Check digits

 

2. Processing controls

Processing controls should ensure the accuracy and completeness of processing. Programs should be subject to development controls and to rigorous testing.

 

3. Output controls

Output controls should ensure the accuracy, completeness and security of output, the measures include investigation and follow-up of exception reports, controls over distribution or copying of output and so forth.

 

4. Back-up controls

It aims to maintain system and data integrity, and is part of the day-to-day procedures of all computerized systems. A back-up copy of a file is a duplicate copy kept separately from the main system and only used if the original fails.

 

5. Passwords and logical access systems

A logical access system can prevent access to data and program files by measures such as identification of the users, authentication of user identity and checks on user authority; Passwords are also used by administrators to control access rights for the reading, modifying and deleting functions.