General Control Vs Application Control

General controls apply to all computerized systems or applications. They include a mixture of
software, hardware, and manual procedures that shape an overall control environment. In
contrast, application controls are specific controls that differ with each computerized application.
Types of General Control
 Software controls - Monitor the use of system software and prevent unauthorized access
of software programs, system software, and computer programs. System software is an
important control area because it performs overall control functions for the programs that
directly process data and data files.

 Hardware controls - Ensure that computer hardware is physically secure and check for
equipment malfunction. Computer equipment should be specially protected against fires
and extremes of temperature and humidity. Organizations that are dependent on their
computers also must make provisions for backup or continued operation to maintain
constant service.

 Computer operations controls - Oversee the work of the computer department to ensure
that programmed procedures are consistently and correctly applied to the storage and
processing of data. They include control over the setup of computer processing jobs and
computer operations and backup and recovery procedures for processing that ends
abnormally.

 Data security controls - Ensure that valuable business data files on either disk or tape are
not subject to unauthorized access, change, or destruction while they are in use or in
storage.

 Implementation controls - Audit the systems development process at various points to

ensure that the process is properly controlled and managed. The systems development
audit looks for the presence of formal reviews by users and management at various stages
of development; the level of user involvement at each stage of implementation; and the
use of a formal cost-benefit methodology in establishing system feasibility. The audit
should look for the use of controls and quality assurance techniques for program
development, conversion, and testing and for complete and thorough system, user, and
operations documentation.

 Administrative controls - Formalize standards, rules, procedures, and control disciplines

to ensure that the organization’s general and application controls are properly executed
and enforced.
Types of Application Control
 Control totals (name of control) Input, processing (Type of control) - Totals established
beforehand for input and processing transactions. These totals can range from a simple
document count to totals for quantity fields, such as total sales amount (for a batch of
transactions). Computer programs count the totals from transactions input or processed.

 Edit checks (name of control) Input (Type of control) - Programmed routines that can be
performed to edit input data for errors before they are processed. Transactions that do not
meet edit criteria are rejected. For example, data might be checked to make sure they are
in the right format (for instance, a nine-digit social security number should not contain
any alphabetic characters).

 Computer matching (name of control) Input, processing (Type of control) - Matches

input data with information held on master or suspense files and notes unmatched items
for investigation. For example, a matching program might match employee time cards
with a payroll master file and report missing or duplicate time cards.

 Run control totals (name of control) Processing, output (Type of control) - Balance the
total of transactions processed with total number of transactions input or output.

 Report distribution logs (name of control) Output (Type of control) - Documentation

specifying that authorized recipients have received their reports, checks, or other critical
documents.

Simple system???

Types of Computer Viruses

Viruses can infect almost any device, including Windows PCs and Macs, as well as iPhones and
Androids.
Below are the most common computer viruses and how you can avoid them:
 Macro Virus - Typically, this type of computer infection is discovered in Microsoft
Office products. Macro viruses prefer to embed themselves in Word and Excel
documents. Macro viruses, like most other viruses (excluding spacefillers – more on
these later), enlarge files when they infect them by attaching their own code. When a
macro virus infects a file, it can quickly spread to other computers if it is shared, such as
by email.
 Boot Sector Virus - Boot sector viruses, like beepers and Tamagotchis, are horrible little
items that were popular in the 1990s. Boot sector viruses are one of the earliest types of
viruses, attacking the heart of your computer and altering the startup or 'boot' process.
Viruses were spread through floppy disks back in the day. They now attach themselves to
emails and USB drives. If your computer becomes infected with one of them, you'll need
a professional to do a thorough system reformat (Windows, Mac).

 Trojan Horses - These are among the most cunning computer viruses, taking their name
from the massive wooden horse in which the Greeks hid to gain access to the ancient city
of Troy. Trojan horses are programs that are disguised as legitimate programs and are
used by cybercriminals to entice you to install them on your computer. The viruses
acquire access to your computer's files and steal your personal information, such as
passwords and online banking information, once they've been installed. Hackers can then
use your bank account to make online purchases or disclose your personal details.

 Overwrite Virus - When it comes to bugs, the Overwrite Virus is at the top of the list.
Overwrite viruses take control of a file and delete the original code without your
knowledge. The original files cannot be restored once they have been erased, and the data
has been gone. They are frequently disseminated via email attachments or online file
downloads, therefore examine files with anti-virus software before downloading and
opening them. This will assist you in detecting these viruses before they might create
difficulties.

 Browser Hijacker - Browser hijackers, the digital equivalent of a shady cold-caller

salesman, hijack your internet searches and send you to sites you didn't want to visit.
Browser hijackers are an annoying problem because they significantly reduce your UX
when surfing the internet. While they are not as harmful as other types of viruses – they
trick you rather than steal your money – they are still a nuisance because they
significantly lower your UX when surfing the internet. If you're getting a lot of random
pop-up ads or your default homepage browser has changed without your permission, you
probably have a browser hijacker. To avoid browser hijackers, always analyze email
attachments before opening them, and avoid downloading anything from dubious
websites.

 Web Scripting Virus - This is a modern-day classic. Web scripting infections are sneaky
small bugs that hide in plain sight on prominent websites, most commonly social media
platforms. They imitate normal links in order to entice you to click on them. They then
steal your cookies like a greedy schoolyard bully. Okay, different cookies — we're
talking about the ones that save your data. Web scripting infections, on the other hand,
should not be treated lightly; they can transmit spam to your system and destroy your
data, and they spread more quickly than most viruses.
  Polymorphic Virus - This is a cunning virus. A polymorphic virus, like a chameleon that
changes color depending on the surroundings, changes when it replicates. Most anti-virus
systems struggle to keep up with this. It has complete control over your computer once it
has gained access to it – usually via an email attachment or a download from a
questionable website – and may erase your files, steal your data, and generally ruin your
system. The bad news is that these shape-shifting con artists are becoming more
prevalent. The good news is that top antivirus programs are starting to catch up,
employing more advanced scanning algorithms to catch these chameleons in the act.

 Resident Virus - One of the most prevalent sorts of virus you'll (hopefully) encounter,
these sly little squatters intrude uninvited into your computer's memory and make
themselves at home. Consider your previous flatmate's obnoxious friend who would
come over every night and steal your Ben & Jerry's from the refrigerator. Resident
viruses can infect your computer through email attachments, infected downloads, or
shared files, then activate themselves whenever your computer does a certain activity.
They can even attach themselves to anti-virus software, defrauding the exact thing that's
supposed to keep it safe. Is this the best option? Involve a professional.

 Multipartite Virus - These adaptable fiends, sometimes known as'multi-part viruses,' are
on the rise. Unlike most viruses, which attack either the computer's central boot region or
its files, a multipartite virus can attack both. Multipartite's fast development rate in recent
years can be attributed to the difficulty of preventing such a flexible virus. They mainly
spread via.exe files, which are found in apps like Word and Excel. How can you know if
you have a multipartite infection on your computer? Because these infections chew up
your virtual memory like nothing else, you should expect a slew of 'your computer has
low virtual memory' notifications and a dramatic slowdown.

 Spacefiller Virus - Spacefiller viruses, often known as "cavity viruses," look for empty
spaces in a program's code and fill them in with their own code. They don't change the
size of files in this way (like other viruses do), making them extremely difficult to detect.
Spacefillers elude most antivirus programs, but there are a few manual virus-hunting
techniques that cyber specialists use to discover them. Thankfully, they're not only
difficult to detect, but also to make, and they can only connect to a limited number of file
types. As a result, spacefiller viruses are extremely rare.

Remote Desktop Connection

Remote Desktop is a client application that allows a “client” computer to connect to a “host”
computer from a remote location. Users can then control and use the applications and files on the
host device from anywhere.
Different types of Information
 Transaction Processing Systems - A transaction encompasses all of the purchases and
sales of products and services, along with any daily business transactions or activities
required to operate a company. Quantities and the types of transactions performed vary,
depending on the industry and size/scope of the company. Examples of typical
transactions include billing clients, bank deposits, new hire data, inventory counts, or a
record of client-customer relationship management data. A transaction processing system
ensures that all of the contractual, transactional, and customer relationship data is stored
in a safe location and accessible to everyone who needs it. It also assists in the processing
of sales order entries, payroll, shipping, sales management, or other routine transactions
needed to maintain operations. By utilizing a TPS, organizations can have a high level of
reliability and accuracy in their user/customer data while minimizing the potential for
human error.

 Office Automation Systems - An office automation system is a network of various tools,

technologies, and people required to conduct clerical and managerial tasks. Typical
examples of functions performed by an OAS include printing documents, mailing
paperwork, mailing, maintaining a company calendar, and producing reports. Primarily,
an office automation system assists in enhancing communication among different
departments so everyone can collaborate to complete a task. An OAS can integrate with
e-mail or word processing applications to ensure all communication data is easily
accessible and in one centralized location. By utilizing an office automation system,
businesses can improve communication between workers, streamline managerial
activities, and optimize knowledge management.

 Knowledge Management Systems - A knowledge management system stores and extracts

information to help users enhance their knowledge and optimize collaboration efforts to
complete tasks. Examples of documents found in a knowledge management system
include employee training materials, company policies, and procedures, or answers to
customer questions. A KMS is used by employees, customers, management, and other
various stakeholders involved with the organization. It ensures that technical abilities are
integrated throughout the company while providing visuals to help employees make
sense of the data they see. This information system also provides intuitive access to
external information required by workers who need outside knowledge to complete their
roles. For example, a KMS may hold competitor data that helps a sales team member
optimize his/her strategy when pitching to a customer. Because a KMS shares expertise
and provides answers to essential questions, using one can improve communication
among team members and assist everyone in meeting performance goals.

 Management Information Systems - A management information system uses various

transaction data from a TPS to help middle management optimize planning and decision-
 making. It retrieves TPS information, aggregates it, and generates reports to help those at
the management level know important details of a situation. Summaries and comparisons
are utilized to allow senior managers to optimize the decision making process to achieve
better results. Most of the report formats encompass summaries of annual sales data,
performance data, or historical records. This provides a secure and systemized way for
managers to meet their targets and oversee business units.

 Decision Support Systems - A decision support system processes data to assist in

management decision-making. It stores and gathers the information required for
management to take the proper actions at the correct time. For example, a bank manager
can use a DSS to assess the evolving loan trends to determine which yearly loan targets to
meet. Decision models are programmed into the IS to analyze and summarize large
quantities of information and put it into a visual that makes it understandable. Because a
DSS is interactive, management can easily add or delete data and ask important
questions. This provides the evidence required for mid-management to make the right
choices that will ensure the company meets its targets.

 Executive Support System - Executive support systems are similar to a DSS but are
primarily used by executive leaders and owners to optimize decision-making. An expert
system helps enterprise leaders find answers to non-routine questions so they can make
choices that improve the company's outlook and performance. Unlike a DSS, an
executive support system provides better telecommunication functionality and a bigger
computing functionality. Graphics software is integrated within an ESS to display data
about tax regulations, new competitive startups, internal compliance issues, and other
relevant executive information. This allows leaders to track internal performance,
monitor the competition, and pinpoint growth opportunities.

Data privacy Act

Republic Act No. 10173, otherwise known as the Data Privacy Act is a law that seeks to protect
all forms of information, be it private, personal, or sensitive. It is meant to cover both natural and
juridical persons involved in the processing of personal information.