A flowchart can be very beneficial in auditing crucial company applications and programs this kind of as business useful resource organizing systems (ERP) and provider oriented architecture (SOA) systems. As IT auditors we are involved with getting a distinct knowing of the hazards and controls in the engineering below evaluation. Flowcharts facilitate an exact assessment of an IT atmosphere.
In accordance to Wikipedia, the standard definition of a flowchart is a sort of diagram that represents an algorithm or procedure that displays knowledge and its movement typically with arrows. The use of flowcharts is frequent in numerous fields for evaluation, design and style, documentation and process administration.
Flowcharts are most valuable to visually exhibit organization procedures and the supporting technological innovation. Auditors can concentrate on distinct facets of information flows and infrastructure in these diagrams relying on the assessment of hazards and controls.
Events that can be captured in a flowchart consist of knowledge inputs from a file or databases, determination details, reasonable processing and output to a file or report. Risks and controls in a organization procedure can be documented visually and analyzed.
Four standard designs are generally used to create flowcharts. A sq. is employed for a procedure (e.g. insert, replace, save). A square with a wavy foundation is utilised for a document. A diamond is utilized for a choice point (e.g. sure/no, real/false). A sideways cylinder is utilized for knowledge storage (e.g. databases). These conventional designs were originally established by IBM and other pioneers of data engineering.
Extra designs contain circles, ovals and rounded rectangles for the start off and conclude of a organization process. Arrows demonstrate ‘flow control’ amongst a source image and a concentrate on symbol. A parallelogram represents enter and output e.g. knowledge entry from a kind, show to consumer.
In generating flowcharts, there are some fundamental policies to adhere to. Start off and finish points must be obviously described. The degree of element documented in the flowchart must be suitable to the subject matter matter covered. The creator of the flowchart must have a very clear comprehending of the method and the meant viewers should be capable to comply with the flowchart easily.
Our crew of IT auditors, utilizes Microsoft Visio thoroughly to produce flowcharts and to examine business processes. A flowchart is normally made with vertical columns representing various departments or phases that are portion of an general enterprise approach. Interfaces in between departments can be demonstrated whether or not automated or manual connections that aid the company procedure.
Flowcharts can explain the controls on data inputs, processing and outputs. Input controls might contain edit and validation checks. Processing controls can be in the type of manage totals or milestones. Output controls may possibly consist of mistake examining and reconciliations. Such a representation on a flowchart enables an auditor to identify locations inside of a enterprise approach with weak or non-existent controls.
An illustration of engineering that can be understood via flowchart examination is business useful resource preparing software this sort of as Oracle e-Company Suite and SAP. Input controls are set by means of particular ‘rules’ to guarantee the validity of information. flowchart symbols are applied to substantial-threat functions, transactions or kinds. Output controls consist of reviews and reconciliations.
Another instance of intricate technology that can be understood through flowcharts is provider oriented architecture (SOA). This architecture is composed of numerous net and application parts that are integrated to join provider suppliers with service buyers. ‘Web services’ help specific enterprise processes. Every of these internet companies will generally have controls on information inputs, processing and output. The flowchart is important to realize such internet providers and their integration in a broader surroundings generally by means of an Organization Service Bus (ESB).
In summary, a flowchart can be utilized by IT auditors to examine a organization approach. Diverse elements of the approach can be emphasized such as risks, controls, interfaces, choice factors, technology infrastructure and parts. The famous expression of a picture is equivalent to a thousand words and phrases is correct. A flowchart can capture vital details that verbiage and textual content can not effortlessly match. We encourage the IT audit, chance and manage communities to use this effective tool in doing their respective functions.