BOBILYN R.

ALAYA-AY BSA-3

T-TH 9:00A.M.-10:30A.M.

LEARNING ACTIVITIES

Directions: Read and analyze the following cases and answer what is required. Submit your

work in the pigeon boxes which are provided in your department/college, or to google class on or

before the date as reflected in your study schedule. See Rubrics in appendix. You may also

access the rubrics in the classwork section in the google classroom.

Case 1:

You are engaged to examine the financial statements of F4 Incorporated, which has its own

computer installation. During the preliminary understanding work, you found that F4

lacked proper segregation of the programming and operating functions. As a result, you

intensified the evaluation of the internal control structure surrounding the computer and

concluded that the existing compensating general control procedures provided reasonable

assurance that the objectives of internal control were being met.

Required:

a. In a properly functioning computer environment, how is the separation of the

programming and operating functions achieved?

In a properly functioning computer environment, the segregation of programming

and operating functions is critical to maintaining effective internal controls. Programming

functions involve tasks related to developing, modifying, or maintaining computer

 programs, while operating functions encompass day-to-day system operations and user

access management.

To ensure a proper segregation of duties, roles such as system analysts, computer

operators, and programmers should be filled in with different individuals for

organizational and operation general control. The principle is that those who made the

accounting information system should not engage in technical programming work, and

vice versa. The segregation of duties should be made in a way that it restricts power held

by one person or department. This division of tasks helps prevent any one person or

department from having too much control. Additionally, it's important for the computer

environment to follow a flow diagram to prevent any individual from influencing or

altering functions independently.

b. What are the compensating general control procedures that you most likely

found?

To address the lack of segregation between programming and operating functions

at F4 Incorporated, organizational and operational control procedures were likely

implemented. These controls aim to establish clear boundaries between the

responsibilities of the EDP (Electronic Data Processing) department and user

departments, ensuring that each operates independently within its designated roles. One

key measure would be the segregation of functions within the EDP department itself,

ensuring that tasks such as systems analysis, programming, and operations are handled by

different individuals or teams. By segregating these functions, the risk of conflicts of

 interest or unauthorized activities is reduced, as each team focuses on its specific role

without undue influence from other areas.

Case 2

Assumes that when conducting procedures to obtain an understanding of the control

structure in the Fiona Company, you checked “NO” to the following internal control

questionnaire items:

● Does access to on-line files requires specific passwords to be entered to identify

and validate the terminal user?

● Are control totals established by the user prior to submitting data for processing?

(order entry application subsystem).

● Are input control totals reconciled to output control totals? (Order entry

application sub system).

Required:

Describe the errors, irregularities, or misstatements that could occur due to the weaknesses

indicated by the lack of controls.

The Fiona Company's internal control questionnaire has multiple questions with

"NO" replies. This indicates a lack of controls, which puts its systems at risk for errors,

irregularities, or misstatements. The first reason is that without specific passwords, it is

more likely that someone else would get unauthorized access to confidential information,
which could result in data breaches, illegal changes, or information theft. People could

obtain illegal access, compromise data integrity, or misuse private information if

appropriate authentication procedures aren't taken. Furthermore, there is a greater chance

that data entry errors, incomplete transactions, or processing inconsistencies will go

undetected if control totals created by users before data submission are absent and if input

and output control totals in the order entry application subsystem are not reconciled.

These weaknesses could result in inaccurate order processing, inventory discrepancies,

billing errors, or financial misstatements, impacting the company's operations, customer

satisfaction, and financial reporting accuracy. Addressing these control deficiencies is

crucial to safeguarding data integrity, ensuring regulatory compliance, and mitigating

operational and financial risks within the Fiona Company's systems.