A flowchart can be really helpful in auditing essential business programs and methods this sort of as organization source arranging methods (ERP) and support oriented architecture (SOA) techniques. As IT auditors we are worried with getting a clear knowing of the dangers and controls in the engineering beneath overview. Flowcharts facilitate an exact evaluation of an IT surroundings.
According to Wikipedia, the basic definition of a flowchart is a type of diagram that represents an algorithm or method that shows info and its motion normally with arrows. The use of flowcharts is common in many fields for examination, design and style, documentation and approach administration.
Flowcharts are most beneficial to visually exhibit enterprise procedures and the supporting technology. Auditors can target on various aspects of info flows and infrastructure in these diagrams dependent on the evaluation of hazards and controls.
Events that can be captured in a flowchart consist of information inputs from a file or database, determination factors, rational processing and output to a file or report. Pitfalls and controls in a organization approach can be documented visually and analyzed.
Four basic designs are generally utilised to develop flowcharts. zen flowchart is employed for a method (e.g. insert, change, preserve). A sq. with a wavy foundation is used for a document. A diamond is utilized for a choice position (e.g. of course/no, true/bogus). A sideways cylinder is employed for information storage (e.g. databases). These standard designs were originally recognized by IBM and other pioneers of information technology.
Additional designs incorporate circles, ovals and rounded rectangles for the start off and stop of a company method. Arrows display ‘flow control’ between a resource image and a target symbol. A parallelogram represents enter and output e.g. data entry from a form, exhibit to consumer.
In creating flowcharts, there are some simple guidelines to comply with. Commence and stop details should be clearly described. The amount of element documented in the flowchart ought to be proper to the matter make a difference coated. The creator of the flowchart should have a clear understanding of the method and the supposed viewers ought to be capable to adhere to the flowchart simply.
Our group of IT auditors, uses Microsoft Visio thoroughly to generate flowcharts and to evaluate organization processes. A flowchart is typically created with vertical columns symbolizing different departments or phases that are part of an general enterprise approach. Interfaces in between departments can be demonstrated whether or not automated or guide connections that facilitate the organization process.
Flowcharts can make clear the controls on info inputs, processing and outputs. Enter controls might incorporate edit and validation checks. Processing controls can be in the kind of management totals or milestones. Output controls might consist of error checking and reconciliations. These kinds of a representation on a flowchart enables an auditor to recognize places in a enterprise method with weak or non-existent controls.
An instance of engineering that can be understood by means of flowchart investigation is organization resource preparing application such as Oracle e-Business Suite and SAP. Enter controls are set via specific ‘rules’ to make sure the validity of data. Method controls are utilized to high-chance features, transactions or types. Output controls consist of reviews and reconciliations.
An additional instance of intricate technology that can be understood through flowcharts is support oriented architecture (SOA). This architecture consists of numerous net and computer software parts that are integrated to hook up provider vendors with provider customers. ‘Web services’ support particular organization procedures. Each of these net solutions will normally have controls on data inputs, processing and output. The flowchart is important to recognize this sort of internet companies and their integration in a broader atmosphere typically by means of an Company Service Bus (ESB).
In conclusion, a flowchart can be employed by IT auditors to assess a organization procedure. Various elements of the process can be emphasized such as pitfalls, controls, interfaces, determination details, engineering infrastructure and components. The popular expression of a image is equal to a thousand words and phrases is accurate. A flowchart can capture vital details that verbiage and textual content can’t effortlessly match. We inspire the IT audit, chance and control communities to use this potent instrument in executing their respective features.