A flowchart can be very useful in auditing critical company purposes and programs this sort of as business resource arranging programs (ERP) and service oriented architecture (SOA) programs. As IT auditors we are involved with acquiring a distinct understanding of the pitfalls and controls in the technology below overview. Flowcharts facilitate an exact evaluation of an IT setting.
According to Wikipedia, the fundamental definition of a flowchart is a variety of diagram that represents an algorithm or method that demonstrates information and its motion normally with arrows. The use of flowcharts is frequent in numerous fields for evaluation, style, documentation and procedure management.
Flowcharts are most helpful to visually screen company processes and the supporting engineering. flowchart creator can concentrate on distinct elements of information flows and infrastructure in these diagrams depending on the assessment of risks and controls.
Activities that can be captured in a flowchart include info inputs from a file or database, determination factors, logical processing and output to a file or report. Hazards and controls in a company process can be documented visually and analyzed.
Four basic shapes are typically employed to create flowcharts. A square is utilized for a procedure (e.g. insert, change, conserve). A square with a wavy base is employed for a document. A diamond is employed for a decision level (e.g. indeed/no, accurate/false). A sideways cylinder is utilised for knowledge storage (e.g. database). These conventional designs had been initially set up by IBM and other pioneers of details technology.
Added designs consist of circles, ovals and rounded rectangles for the commence and stop of a business method. Arrows present ‘flow control’ amongst a supply symbol and a target symbol. A parallelogram represents input and output e.g. knowledge entry from a type, display to person.
In making flowcharts, there are some basic guidelines to follow. Commence and finish points need to be evidently described. The stage of element documented in the flowchart need to be acceptable to the subject subject covered. The creator of the flowchart must have a distinct understanding of the approach and the supposed audience must be ready to follow the flowchart easily.
Our group of IT auditors, utilizes Microsoft Visio extensively to develop flowcharts and to examine organization procedures. A flowchart is typically designed with vertical columns representing diverse departments or phases that are component of an all round company process. Interfaces between departments can be proven whether automated or guide connections that aid the company process.
Flowcharts can explain the controls on data inputs, processing and outputs. Enter controls may include edit and validation checks. Processing controls can be in the type of control totals or milestones. Output controls might consist of mistake examining and reconciliations. This kind of a representation on a flowchart makes it possible for an auditor to discover regions inside of a company approach with weak or non-existent controls.
An illustration of engineering that can be comprehended through flowchart examination is business source organizing software program this sort of as Oracle e-Company Suite and SAP. Enter controls are established by means of specific ‘rules’ to make sure the validity of data. Approach controls are applied to substantial-chance capabilities, transactions or kinds. Output controls consist of stories and reconciliations.
An additional example of complex technology that can be understood through flowcharts is service oriented architecture (SOA). This architecture is composed of a lot of internet and computer software factors that are built-in to join provider suppliers with provider buyers. ‘Web services’ assist specific business procedures. Each of these internet companies will usually have controls on information inputs, processing and output. The flowchart is crucial to comprehend these kinds of internet providers and their integration in a broader environment usually through an Company Provider Bus (ESB).
In conclusion, a flowchart can be utilised by IT auditors to analyze a company procedure. Various elements of the process can be emphasized such as pitfalls, controls, interfaces, determination details, technological innovation infrastructure and parts. The well-known expression of a photograph is equal to a thousand phrases is exact. A flowchart can seize crucial details that verbiage and text cannot easily match. We stimulate the IT audit, threat and handle communities to use this effective tool in doing their respective features.