Address validity checks are also used in disk drives. When employed, firmware commonly compares the address on a disk pack requested in a write instruction with the set of valid disk storage locations.

Verification constraint of an IT hardware validity check

Where installed, the IT hardware validity check compares each action with the set of rules to ensure that it is indeed appropriate. Nevertheless, the limitation of an IT hardware validity check is that it will not detect an error when a valid symbolic representation is recorded improperly in place of another symbolic representation during data entry or transmission.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Boritz, Efrin J. IS Practitioners’ Views on Core Concepts of Information Integrity. Rev. ed. Ontario: University of Waterloo, 2004. 9

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 232-3

“View Part I of the IT Hardware Validity Checks series here”

Post Notes: “IT Hardware Validity Checks – Part IV” was originally published through Suite101.com under the title “IT Hardware Validity Checks”.

A data validity check compares characters or fields that are written or read with a set of all valid characters or fields. It is particularly useful technique with peripheral devices such as printers. For example, a printer may be limited to a certain number of characters. Consequently, if there where sixty-four characters associated with a print drum the data validity check would accept data containing any of the sixty-four characters as valid, yet would reject data representing other characters considered invalid.

Validity checking of storage location addresses

IT memory has designated storage addresses that can be accessed. CPUs utilize control units to keep track of addresses associated with the IT configuration. The address validity check compares the memory address requested with the list of valid addresses to detect an invalid request.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Boritz, Efrin J. IS Practitioners’ Views on Core Concepts of Information Integrity. Rev. ed. Ontario: University of Waterloo, 2004. 9

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 232-3

“View Part I of the IT Hardware Validity Checks series here”

Post Notes: “IT Hardware Validity Checks – Part III” was originally published through Suite101.com under the title “IT Hardware Validity Checks”.

Validity checking of operation codes within the Central Processing Unit (CPU)

Each computer has a recognizable instruction set (e.g. Reduced Instruction Set Computing (RISC)) with a designated code for each instruction, such as addition, subtraction, multiplication, and division. The operation validity check will signal an error condition if, during execution, a program attempts to process an invalid instruction.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Boritz, Efrin J. IS Practitioners’ Views on Core Concepts of Information Integrity. Rev. ed. Ontario: University of Waterloo, 2004. 9

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 232-3

“View Part I of the IT Hardware Validity Checks series here”

Post Notes: “IT Hardware Validity Checks – Part II” was originally published through Suite101.com under the title “IT Hardware Validity Checks”.

On 07/27/2012, Robert E. Davis, MBA, CISA, CICA accepted an invitation to join the ITKnowledgeExchange Advisory Board.

Determination of the validity of an IT hardware action is something a redundancy check is unable to perform. However, in conjunction with redundancy checks, validity checks provide considerable certainty that hardware processing and transfer of datum will be complete, accurate and creditable.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Boritz, Efrin J. IS Practitioners’ Views on Core Concepts of Information Integrity. Rev. ed. Ontario: University of Waterloo, 2004. 9

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 232-3

Post Notes: “IT Hardware Validity Checks – Part I” was originally published through Suite101.com under the title “IT Hardware Validity Checks”.

Hardware size and accessibility make transportability an issue because of uncertainty that an installed configuration has appropriate controls. Small IT configurations have unique hardware characteristics that distinguish them from large IT configurations. Wherefore, operating systems for many small IT configurations are idiomatic because programs that run in interpreter mode are easy to modify without detection.

Nevertheless, objectives of control systems remain the same with small hardware configurations as they are with any other IT processing — prevent, detect, and correct errors, mistakes, or omissions. However, the differences in the small configuration’s IT environment typically is the accentuation placed on various controls and the availability of compensating or mitigating controls.

For small configurations, control emphasis changes in order to compensate, or mitigate, for some of the weaknesses inherent in the IT environment. Yet, the problem sometimes encountered in the area of hardware controls can be avoided by relying on infrastructure acquisition and development controls. Consequently, IT hardware should not be acquired or developed if they lack the necessary controls to ensure expected processing reliability and integrity.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 230-1, 490, 499

“View Part I of the IT Hardware Duplicity and Echo Checks series here”

Post Notes: “IT Hardware Duplicity and Echo Checks” was originally published through Suite101.com under the title “IT Hardware Duplicity and Echo Checks”.

Warning! Excessive external echo checking may be a hacker or cracker attempting a Denial of Service (DoS) attack. Therefore, continuous echo check monitoring is required when the Internet Control Message Protocol (ICMP) Echo Request setting is turned on.

The control purpose of an IT hardware echo check is to ensure that commands sent to peripheral, or remote, equipment are obeyed and that datum are received correctly. In this activity, the computer checks to ensure that its directives are obeyed by requiring that contacted equipment return a signal verifying that the command has been received and complied with. For instance, the CPU transmits a command to the printer to commence processing, and the printer transmits a message back to the CPU that it has been activated as instructed.

The same echo check technique is utilized in data communications to ensure that data is received correctly. For example, data is retransmitted by the receiving computer back to the sending computer. The sending computer then compares the echo with the original data for possible transmission errors.

Video Link: http://youtu.be/HEjPop-aK_w

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 230-1, 490, 499

“View Part I of the IT Hardware Duplicity and Echo Checks series here”

Post Notes: “IT Hardware Duplicity and Echo Checks – Part III” was originally published through Suite101.com under the title “IT Hardware Duplicity and Echo Checks”.

Duplicate operations are commonly utilized in the arithmetic logic unit (ALU) of a central processing unit (CPU). In addition, a dual operation is sometimes utilized in the ALU of the CPU. Calculations are carried out twice either by the same circuitry or by duplicate circuitry. The results of the two calculations are then compared to ascertain correctness in processing.

Video Link: What is a checksum?

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 230-1, 490, 499

“View Part I of the IT Hardware Duplicity and Echo Checks series here”

Post Notes: “IT Hardware Duplicity and Echo Checks – Part II” was originally published through Suite101.com under the title “IT Hardware Duplicity and Echo Checks”.

Conceptual Connect To Server Image – Salvatore Vuono

Effective communication checks should be applied to small as well as large IT configurations. IT hardware duplicity and echo checks are a way of establishing the accuracy achieved during the transfer of data over a communication medium. They provide quality checks and error-control techniques for data transferred over a computer network or other communications link.

IT operation duplication as an error control

In contrast to data deduplication, IT hardware duplicity checks utilize the principle of duplicate, or complimentary, processing to detect and correct errors. When this control is deployed, an operation is performed twice to assist in detecting errors. If the repeated operation matches the base operation, it is a duplicate operation. With this check, the result of the repeated operation is compared, and any difference between them will indicate a hardware-induced error requiring corrective action.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 284

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 230-1, 490, 499

Post Notes: “IT Hardware Duplicity and Echo Checks – Part I” was originally published through Suite101.com under the title “IT Hardware Duplicity and Echo Checks”.

When properly deployed, parity bits can be utilized to detect communication errors between IT hardware items. An advantage of the double parity bit is that an error is defined in two dimensions: vertical and horizontal. This permits the precise bit that is causing the error to be detected, thus enabling cybernetic error correction.

The redundancy check is a valuable control, however it is not foolproof. It is designed to detect mechanical, electronic and transmission sequence errors, but not to detect otherwise invalid data types. Furthermore, its reliability in error detection and correction is a function of the degree of built in redundancy. Therefore, the IT hardware user must determine the acceptable risk-level regarding receiving, storing, and transmitting accurate as well as complete datum, considering the IT architecture, then act accordingly.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 283-4

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 227-30

“View Part I of the IT Hardware Redundancy Checks Using Parity Bits series here”

Post Notes: “IT Hardware Redundancy Checks Using Parity Bits – Part IV” was originally published through Suite101.com under the title “IT Hardware Redundancy Checks Using Parity Bits”.

One of the simplest error detection schemes is parity checking. Classically, parity checks are deployed to maintain information integrity. Parity checks are generally considered a hardware control that requires calculation for incorporation and subsequent verification of electronically formatted data strings. The value of the parity bit depends on the number of binary ones in the byte, and also on the type of parity checking method used.

Reflective of the bits summation process, data parity can be even or odd as well as single, double, dual, or diagonal. Extensions and variations on the parity bit method are horizontal redundancy checks and vertical redundancy checks. Of the types of redundancy checks mentioned in this article, the single parity bit has the least redundancy, followed by the double, diagonal, and dual parity bit.

Sources:

Davis, Robert E. IT Auditing: Assuring Information Assets Protection. Mission Viejo, CA: Pleier Corporation, 2008. CD-ROM.

Gleim, Irvin N. CIA Examination Review. 3rd ed. Vol. 1. Gainesville, FL: Accounting Publications, 1989. 283-4

Watne, Donald A. and Peter B. B. Turney. Auditing EDP Systems. Englewood Cliffs, NJ: Prentice-Hall, 1984. 227-30

“View Part I of the IT Hardware Redundancy Checks Using Parity Bits series here”

Post Notes: “IT Hardware Redundancy Checks Using Parity Bits – Part III” was originally published through Suite101.com under the title “IT Hardware Redundancy Checks Using Parity Bits”.