Address validity checks are also used in disk drives. When employed, firmware commonly compares the address on a disk pack requested in a write instruction with the set of valid disk storage locations.

Verification constraint of an IT hardware validity check

Where installed, the IT hardware validity check compares each action with the set of rules to ensure that it is indeed appropriate. Nevertheless, the limitation of an IT hardware validity check is that it will not detect an error when a valid symbolic representation is recorded improperly in place of another symbolic representation during data entry or transmission.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Boritz, Efrin J. IS Practitioners’ Views on Core Concepts of Information Integrity. Rev. ed. Ontario: University of Waterloo, 2004. 9

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 232-3

“View Part I of the IT Hardware Validity Checks series here”

Post Notes: “IT Hardware Validity Checks – Part IV” was originally published through Suite101.com under the title “IT Hardware Validity Checks”.

A data validity check compares characters or fields that are written or read with a set of all valid characters or fields. It is particularly useful technique with peripheral devices such as printers. For example, a printer may be limited to a certain number of characters. Consequently, if there where sixty-four characters associated with a print drum the data validity check would accept data containing any of the sixty-four characters as valid, yet would reject data representing other characters considered invalid.

Validity checking of storage location addresses

IT memory has designated storage addresses that can be accessed. CPUs utilize control units to keep track of addresses associated with the IT configuration. The address validity check compares the memory address requested with the list of valid addresses to detect an invalid request.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Boritz, Efrin J. IS Practitioners’ Views on Core Concepts of Information Integrity. Rev. ed. Ontario: University of Waterloo, 2004. 9

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 232-3

“View Part I of the IT Hardware Validity Checks series here”

Post Notes: “IT Hardware Validity Checks – Part III” was originally published through Suite101.com under the title “IT Hardware Validity Checks”.

Validity checking of operation codes within the Central Processing Unit (CPU)

Each computer has a recognizable instruction set (e.g. Reduced Instruction Set Computing (RISC)) with a designated code for each instruction, such as addition, subtraction, multiplication, and division. The operation validity check will signal an error condition if, during execution, a program attempts to process an invalid instruction.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Boritz, Efrin J. IS Practitioners’ Views on Core Concepts of Information Integrity. Rev. ed. Ontario: University of Waterloo, 2004. 9

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 232-3

“View Part I of the IT Hardware Validity Checks series here”

Post Notes: “IT Hardware Validity Checks – Part II” was originally published through Suite101.com under the title “IT Hardware Validity Checks”.

On 07/27/2012, Robert E. Davis, MBA, CISA, CICA accepted an invitation to join the ITKnowledgeExchange Advisory Board.

Determination of the validity of an IT hardware action is something a redundancy check is unable to perform. However, in conjunction with redundancy checks, validity checks provide considerable certainty that hardware processing and transfer of datum will be complete, accurate and creditable.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Boritz, Efrin J. IS Practitioners’ Views on Core Concepts of Information Integrity. Rev. ed. Ontario: University of Waterloo, 2004. 9

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 232-3

Post Notes: “IT Hardware Validity Checks – Part I” was originally published through Suite101.com under the title “IT Hardware Validity Checks”.

Undoubtedly, an individual and/or group authorized activation of this critical new application.  Yet, it appears adequate precautions, such as application processing testing, were not performed either prior to deployment, during implementation, or after installation by the project team.

Considering, as computing power has advanced, entities have become increasingly dependent on technology to carry out their operational requirements and to collect, process, maintain, and report essential data.  This reliance on electronically encoded data and on the systems that affect managerial decisions are a major concern of audit professionals.  Consequently, Information Technology (IT) auditors examine the adequacy of controls in information systems and related operations to assure effectiveness and efficiency in business processes.  In addition, among other assurance services, IT auditors evaluate the reliability of computer generated data supporting financial statements and analyze specific programs and their processing results.  Thus, my question regarding the circumstances that produced this extraordinary financial loss is: Did management assign an IT auditor to the software project team?

“View Part I of the Right-sizing IT Controls series here“

“View Part I of the Right-sizing IT Controls series here“

“View Part I of the Right-sizing IT Controls series here“

• Identification and classification of activities for departmentalization
• Activities grouping based on efficient usage of available resources
• Delegating authority necessary to perform defined activities
• Aligning departmental groupings, horizontally and vertically, through authority-activity relationships and information systems

“View Part I of the Right-sizing IT Controls series here“

While documenting entity processes, internal as well as external responsibilities should be examined for synchronization to the IT mission. Depending on the control environment; control processes can range from top-heavy responsibility concentration with inaccurate measurements and employee opposition to widespread responsibility with accurate measurements and no employee opposition. Entity-IT organizational alignment determination, with processes identified, permits inefficient or ineffective IT units consolidation and/or elimination.

“View Part I of the Right-sizing IT Controls series here“