Professional Documents
Culture Documents
Standard Operating Procedure
Standard Operating Procedure
Standard Operating Procedure
Standard Operating procedures are written step-by-step instructions that describes on how
employees will carry out routine activities. These procedures will help the organization to attain quality
and uniformity in there services.
Access control
- Access controls provide assurance that only authorized individuals use the system and that
usage is for authorized purposes.
- Examples
a. Call back
b. Password and ID numbers
c. Security personnel
d. Controlled disposal of documents
e. Biometric technologies
f. Automatic log-off and
g. Utility software restrictions
Auditing procedures
1. The auditor should check whether specific system is access only by authorized individual. ( this
will help the auditor verify if the system is fairly presented and free form alterations from
unauthorized individual)
2. The auditor should check whether the controls are implemented.
3. The auditor should run the designed controls for him to test if it is working properly.
- Data recovery controls is a back-up contingency plan. One way to a back-up and contingency
plan is to make sure that all critical copies are all back-up and stored.
Auditing procedures
1. The auditor check if there is a back-up data for every data available in the system ( This is to
ensure that there is a back-up plan in case a disaster or loss of data happened in the system)
Hardware Controls
- Hardware controls assures the proper internal handling of data as they are moved or stored
- They includes:
a. Parity Check- a special bit is added to each character stored in memory that can detect if the
hardware loses a bit during internal movement of character
b. Echo checks- it detects line errors by re-transmitting data back to the sending device for
comparison with the original transmission.
c. Read-after-write checks
Auditing procedures
1. The auditor should check if the hardware controls are implemented properly. (this is to
ensure that data transferred is protected against loss)