Application Software and Application Controls

Application Software

-Application software accomplishes end user tasks such as word processing, spread-sheets, database
maintenance, and accounting functions. All application software runs on top of the operating system
software and uses the basic input, output, and data storage functions of the operating system. Any
accounting software is considered application software.

Application Controls

- are internal controls over the input, processing, and output of accounting applications.

Application controls intended to improve the accuracy, completeness, and security of input, processing,
and output are described as follows:

1. Input controls -are intended to ensure the accuracy and completeness of data input procedures and
the resulting data.

2. Processing controls- are intended to ensure the accuracy and completeness of processing that occurs
in accounting applications.

3. Output controls - are intended to help ensure the accuracy, completeness, and security of outputs
that result from application processing.
Input Controls

In IT systems, data must be converted from human‐readable form to computer‐readable form. This
process is called data input. Data can be input into a computer application in many different ways.

Four types of Input controls

1. Source document controls

2. Standard procedures for data preparation and error handling

3. Programmed edit checks

4. Control totals and reconciliation

Source Document Controls

- A source document is the paper form used to capture and record the original data of an accounting
transaction.

Form design: Both the source document and the input screen should be well designed so that they are
easy to understand and use, logically organized into groups of related data.

Form authorization and control: The source document should contain an area for authorization by the
appropriate manager.

Retention of source documents: After data from source documents has been keyed into the computer,
the source documents should be retained and filed in a manner that allows for easy retrieval. Filed
source documents serve as the historical, original records of transactions and can be used to reconstruct
transactions if necessary, or can be used to answer questions that arise about transaction processing.
Standard Procedures for Data Input

Data preparation: The procedures to collect and prepare source documents are called data preparation
procedures. Without well‐defined source data preparation procedures, employees would be unsure of
which forms to use, as well as when to use them, how to use them, and where to route them.

Error handling: As data is collected on source documents or entered on screens, errors may occur. It is
not possible to eliminate all errors. Therefore, an organization should have error handling procedures.

Programmed Input Validation Checks

Data should be validated and edited as close as possible to the time of obtaining the data from its
original source. In many IT systems that process transactions in real time, editing can take place during
data entry. Real‐time systems must have access to data in master files, such as balances and employee
pay rates. Since this data is online and available in real time, editing can be completed by checking data
input against data in master files.

Input validation checks include the following:

1. Field check

2. Validity check

3. Limit check

4. Range check

5. Reasonableness check

6. Completeness check

7. Sign check

8. Sequence check

9. Self‐checking digit
Control Totals and Reconciliation

Control totals are useful in any IT system in which transactions are processed in batches. Control totals
are subtotals of selected fields for an entire batch of transactions. For a batch of similar transactions,
such as payroll transactions for a pay period, control totals can be calculated before the data is
processed.

Three types of Control Totals

Record counts- are a simple count of the number of records processed. The records can be counted
prior to and after input, and the totals should agree.

Batch totals-are totals of financial data, such as total gross pay or total federal tax deducted.

Hash totals -are totals of fields that have no apparent logical reason to be added.

Processing Controls

–Processing controls are intended to prevent, detect, or correct errors that occur during the processing
in an application.

–Many input controls also serve as processing controls. Control totals, limit and range tests, and
reasonableness and sign tests can prevent or detect processing errors. Control totals such as record
counts, batch totals, and hash totals can be reconciled during stages of processing to verify the accuracy
and completeness of processing. This reconciliation of control totals at various stages of the processing
is called run‐to‐run control totals.

Output Controls

-Many outputs in an IT system are reports from the various applications.

–Output reports contain data that should not fall into the wrong hands, as much of the information is
confidential or proprietary. Therefore, an organization must maintain procedures to protect output from
unauthorized access, in the form of written guidelines and procedures for output distribution.