Literary Warrant for Functional Requirement #4b
This requirement derives from the law, customs, standards and
professional best practices accepted by society and codified in the literature of different professions concerned with records and
recordkeeping. The warrant is as follows:
Citation The Institute of Internal Auditors Research Foundation; Systems Auditability and Control, Module
6, Business Systems, 1991
Pages 6-17
Extract Test data analysis involves using simulated transactions to test processing logic, computations, and
controls programmed in theapplication.
Citation The Institute of Internal Auditors Research Foundation; Systems Auditability and Control, Module
6, Business Systems, 1991
Pages 6-18
Extract The specific purpose of tracing is to document and analyze the logic paths in complex software.
The objective of the tracing audit technique is to verify compliance with specifications, policies, and
procedures by documenting how the application software processes transactions. By analyzing the
transaction'spath through the application, tracing can show instructions that have been executed and the
sequence in which they have been executed.
Citation EDI Security, Control, and Audit by Albert J. Marcella, Jr., and Sally Chan (Massachusetts:
Artech House 1993)
Pages 75,76
Extract 6.1.1.2 Processing Controls. Controls must be built into application programs to ensure that the
right data are processed. Accuracy in processing requires that the correct records and files be read and
updated. The logic of computer processing integrity can be tested via independent programs run from a
separate job stream.
Citation Ian B. Gilhooley Information Systems Management, Control and Audit (Altamonte Springs, Fla.:
The Institute of Internal Auditors 1991)
Pages 4,5
Extract Application system integrity is crucial to the success or failure of the business. There needs to be
a set of controls in place to ensure that the system processes and logic perform according to the
specifications each time the system is run.
Citation Ian B. Gilhooley Information Systems Management, Control and Audit (Altamonte Springs, Fla.:
The Institute of Internal Auditors 1991)
Pages 364
Extract LOSS OF DATA Errors in setting up the physical form of the data base, errors in the request
issued from the application program or any combination of the two could result in loss of data. The
data may still be physically present on the storage device but not accessible to the application system
through the DBMS. Complete testing of the interface between application systems and the DBMS is
essential if loss of data is to be avoided. This interface testing should take into account all read, update,
create and delete functions.
Citation Performance Guideline for the Legal Acceptance of Records Produced by Information Technology
Systems:"Part III: Implementation of the Performance Guideline for the Legal Acceptance of Records
Produced by Information Technology Systems;" Technical Report ANSI/AIIM TR31-1994; Association
for Information and Image Management.
Pages 23
Extract Errors in computer records can result from errors in the computer programs. Consequently, the
reliability of the computer programs and formulas used to process the data may be challenged.
Normally, introduction of the systems documentation will be sufficient to demonstrate the reliability of
the programs and formulas. However, evidence about the development and testing of the programs may
also be required, as well as expert testimony from the creator of the software or from individuals who
have run validation tests on the software.