A flowchart can be incredibly helpful in auditing critical business purposes and systems this sort of as business source preparing programs (ERP) and support oriented architecture (SOA) techniques. As IT auditors we are concerned with receiving a distinct comprehension of the dangers and controls in the technological innovation beneath overview. Flowcharts aid an exact assessment of an IT environment.
In accordance to Wikipedia, the simple definition of a flowchart is a variety of diagram that represents an algorithm or approach that exhibits knowledge and its movement normally with arrows. The use of flowcharts is typical in many fields for evaluation, layout, documentation and approach management.
Flowcharts are most helpful to visually exhibit enterprise procedures and the supporting technological innovation. Auditors can focus on various elements of data flows and infrastructure in these diagrams depending on the evaluation of pitfalls and controls.
Occasions that can be captured in a flowchart incorporate knowledge inputs from a file or database, selection factors, rational processing and output to a file or report. Dangers and controls in a organization approach can be documented visually and analyzed.
Four fundamental designs are commonly utilized to create flowcharts. A square is utilised for a approach (e.g. include, change, conserve). A square with a wavy foundation is utilised for a document. A diamond is utilized for a choice position (e.g. of course/no, accurate/fake). A sideways cylinder is employed for data storage (e.g. database). These conventional shapes ended up initially proven by IBM and other pioneers of details engineering.
Extra shapes contain circles, ovals and rounded rectangles for the start and stop of a company process. Arrows present ‘flow control’ between a source symbol and a concentrate on symbol. A parallelogram signifies enter and output e.g. information entry from a type, exhibit to consumer.
In generating flowcharts, there are some standard guidelines to stick to. Start and conclude factors ought to be clearly outlined. The amount of depth documented in the flowchart need to be acceptable to the subject matter protected. The creator of the flowchart must have a distinct comprehension of the process and the supposed viewers should be in a position to adhere to the flowchart easily.
Our team of IT auditors, employs Microsoft Visio extensively to generate flowcharts and to analyze enterprise procedures. A flowchart is generally designed with vertical columns symbolizing distinct departments or phases that are element of an overall enterprise method. Interfaces in between departments can be proven no matter whether automated or manual connections that facilitate the organization method.
Flowcharts can make clear the controls on info inputs, processing and outputs. Input controls might incorporate edit and validation checks. Processing controls can be in the kind of manage totals or milestones. Output controls may consist of mistake checking and reconciliations. This kind of a illustration on a flowchart makes it possible for an auditor to determine regions inside a company procedure with weak or non-existent controls.
An case in point of technologies that can be understood by way of flowchart analysis is business resource arranging software such as Oracle e-Company Suite and SAP. Input controls are established by way of certain ‘rules’ to make certain the validity of knowledge. flowchart symbols are used to higher-threat features, transactions or kinds. Output controls consist of reviews and reconciliations.
One more example of complicated technologies that can be recognized via flowcharts is provider oriented architecture (SOA). This architecture is composed of numerous net and computer software components that are integrated to connect support companies with support buyers. ‘Web services’ assistance distinct business procedures. Every single of these net companies will usually have controls on info inputs, processing and output. The flowchart is crucial to comprehend this sort of world wide web companies and their integration in a broader setting usually by way of an Company Support Bus (ESB).
In summary, a flowchart can be employed by IT auditors to analyze a company process. Diverse factors of the approach can be emphasized this kind of as pitfalls, controls, interfaces, determination points, engineering infrastructure and elements. The renowned expression of a photograph is equal to a thousand phrases is exact. A flowchart can capture essential details that verbiage and text can’t easily match. We inspire the IT audit, threat and manage communities to use this effective tool in executing their respective features.