A flowchart can be extremely helpful in auditing crucial organization applications and programs these kinds of as organization useful resource planning techniques (ERP) and provider oriented architecture (SOA) techniques. As IT auditors we are concerned with obtaining a obvious comprehending of the pitfalls and controls in the engineering under review. Flowcharts aid an correct assessment of an IT surroundings.
According to Wikipedia, the simple definition of a flowchart is a variety of diagram that signifies an algorithm or process that shows info and its motion generally with arrows. The use of flowcharts is typical in many fields for evaluation, design, documentation and process administration.
flowchart software are most helpful to visually show organization processes and the supporting technologies. Auditors can emphasis on different elements of info flows and infrastructure in these diagrams depending on the assessment of risks and controls.
Events that can be captured in a flowchart include knowledge inputs from a file or database, determination details, logical processing and output to a file or report. Pitfalls and controls in a organization method can be documented visually and analyzed.
4 simple designs are typically utilised to create flowcharts. A square is used for a method (e.g. insert, change, help save). A square with a wavy base is utilised for a document. A diamond is utilised for a decision stage (e.g. sure/no, correct/fake). A sideways cylinder is used for info storage (e.g. databases). These traditional styles had been initially established by IBM and other pioneers of information technological innovation.
Additional shapes incorporate circles, ovals and rounded rectangles for the commence and stop of a enterprise process. Arrows display ‘flow control’ in between a source image and a concentrate on symbol. A parallelogram represents enter and output e.g. info entry from a form, exhibit to person.
In creating flowcharts, there are some standard guidelines to adhere to. Begin and stop factors must be clearly described. The amount of depth documented in the flowchart ought to be appropriate to the matter issue protected. The creator of the flowchart must have a obvious knowing of the procedure and the meant audience need to be in a position to adhere to the flowchart simply.
Our team of IT auditors, uses Microsoft Visio extensively to create flowcharts and to analyze enterprise procedures. A flowchart is typically developed with vertical columns symbolizing diverse departments or phases that are element of an total enterprise process. Interfaces among departments can be proven whether automated or handbook connections that facilitate the company process.
Flowcharts can explain the controls on knowledge inputs, processing and outputs. Input controls may contain edit and validation checks. Processing controls can be in the type of manage totals or milestones. Output controls could consist of mistake examining and reconciliations. This sort of a illustration on a flowchart enables an auditor to recognize regions within a organization approach with weak or non-existent controls.
An instance of technologies that can be recognized by means of flowchart examination is organization source arranging computer software these kinds of as Oracle e-Organization Suite and SAP. Input controls are set by way of specific ‘rules’ to ensure the validity of information. Approach controls are utilized to higher-danger capabilities, transactions or kinds. Output controls consist of reports and reconciliations.
An additional case in point of complicated engineering that can be understood by means of flowcharts is provider oriented architecture (SOA). This architecture is composed of several world wide web and software factors that are built-in to join service providers with service buyers. ‘Web services’ help certain company procedures. Every of these web providers will generally have controls on data inputs, processing and output. The flowchart is crucial to recognize these kinds of web services and their integration in a broader environment typically by means of an Enterprise Support Bus (ESB).
In conclusion, a flowchart can be utilized by IT auditors to assess a company approach. Various elements of the procedure can be emphasised these kinds of as pitfalls, controls, interfaces, choice factors, engineering infrastructure and components. The renowned expression of a picture is equivalent to a thousand terms is exact. A flowchart can capture vital factors that verbiage and text can’t simply match. We inspire the IT audit, chance and handle communities to use this potent tool in executing their respective functions.