Welcome to Random Mnemonics post

Chapter 3 

POIS
Protection of Information Systems

#3.11 Financial Controls

Mnemonics:

Chanda Kochhar vala: Chanda Kochhar ICICI bank ki MD, CEO hai उनका Financial Control बहुत अच्छा है।  

Chanda kochhar Authorize करती है: AUTHORIZATION
हर आने जाने वाली transaction को : INPUT/OUTPUT VERIFICATION
Slip (pay-in, withdrawal) को safely रखने के लिए बोलै हुआ है सबको : SAFEKEEPING
जो slips cancel भी होती है उनको भी safe रखने को बोलै हुआ है : CANCELLATION OF DOCS
जब Month end होता है तो Sequentially Number डालते है slips पे: SEQUENTIALLY NO. DOCS
सारे CASH का Budget बनाते है फिर: BUDGETS
जिससे DUAL Control लग सके।: DUAL CONTROL   

In the computerized information systems, most of the business processes are automated. Organizations are increasingly relying on Information Technology (IT) for information and transaction processing. The growth of E-commerce supported by the growth of the Internet has completely revolutionized and generated need for reengineered business processes. IT innovations such as hardware, software, networking technology, communication technology and ever-increasing bandwidth lead to completely new business models.
All these new business models and new methods assume that the information required by the business managers IS available all the time; it is accurate, it is complete and no unauthorized disclosure of the same is made. Further, it is also presumed that the virtual business organization is up and running all the time on 24 x 7 basis. However, in reality, the technology-enabled and technology-dependent organizations are more vulnerable to information security threats than ever before. The Denial of Service (DOS) attacks on the websites of yahoo.com, amazon.com and lots of other web sites is a significant case. Those websites were down for several hours to a few days jeopardizing the business of those organizations. The virus threats are also in real. The horror stories of 'Melissa' and 'l love you' viruses are fresh in the minds of the IT professionals of those organizations, which were affected by them. Further, the hacking and cracking on the Internet is a real threat to virtual organizations, which are vulnerable to information theft and manipulations. 

Learn ISCA easily

#3.6.1 CLASSIFICATION ON THE BASIS OF "OBJECTIVE OF CONTROLS"

• Managerial Control
• Application Control

Few topics have already been covered before in the earlier post. The topics that are covered before are as follows:

1. Main Headings of Managerial Control
2. Main Headings of Application Control
3. Application and Monitoring System Access Control
4. System Development Management Controls

Link to this post ---->  "Click Here"

Topic # 3.6

Classification of Information Systems Controls

#3.6.3 CLASSIFICATION ON THE BASIS OF "Audit Function"

APPLICATION CONTROL

The broad headings of Application control have already been covered above viz. Sachin & Shoaib Mnemonic.

Now, we will discuss the Sub-headings.


Topic # 3.8.2
Input Control

Input controls are divided into the following broad classes:

• Source Document Control, 
• Data Coding Controls 
• Batch Controls, and 
• Validation Controls. 

Now, to remember this we are going to use a Mnemonic that is given below.

Mnemonic: Cheque Input होता है बैंक के लिए 

बैंक वाले Bench पे बैठे हुए थे : Batch Control
Cheque : Source Document होता है
उस पर Data Coding control लगा होता है i.e MICR
उसकी Validation होती है i.e valid upto 3 Months 

(a) Source Document Control

• Cheque book मे cheques serial numbers से होते है :Use Source Document in Sequence

• उन पर पहले से ही Numbers होते है: Use Pre-numbered source document

• हम थोर्ड़े टाइम बाद Cheque बुक की Audit करते है टोटल Expense देखने के लिए : Periodically Audit source document

(b) Data Coding Control

• Transcription Errors 
• Addition
• Truncation (Deletion)
• Substitution

• Transposition Errors
• Single
• Multiple

(c) Batch Control

• Physical Control
• Logical Control

(d) Validation Control

Arithemetic के अध्यापक का बच्चा Kaaalu Ribbon काट रहा था।  

Arithmetic: Field Interrogation
Record Interrogation: Ribbon Cutting
File Interrogation: Kaalu Vala

Field Interrogation:

It involves programmed procedures that examine the characters of the data in the field. The following are some common types of field interrogation. Various field checks used to ensure data integrity have been described below: 

• Limit Check: This is a basic test for data processing accuracy and may be applied to both the input and output data. The field is checked by the program against predefined limits to ensure that no input/output error has occurred or at least no input error exceeding certain pre-established limits has occurred. 
• Picture Checks: These check against entry into the processing of incorrect/invalid characters. 
• Valid Code Checks: Checks are made against predetermined transactions codes, tables or order data to ensure that input data are valid. The predetermined codes or tables may either be embedded in the or stored in (direct access) files. 
• Check Digit: One method for detecting data coding errors is a check digit. A check digit is a control digit (or digits) added to the code when it IS originally assigned that allows the integrity of the code to be established during subsequent processing.
• Arithmetic Checks: Simple Arithmetic is performed in different ways to validate the result of other computations of the values of selected data fields. 
• Cross Checks: may be employed to verify fields appearing in different files to see that the result tally.  

Now, Mnemonic to learn the above topic is given down below.

Arithmetic के अध्यापक दोनों एक ही FIELD के थे, दोनों को प्यार होगया 

Story:

Arithmetic के अध्यापक: Arithmetic Checks
दोनों को Cross मे प्यार हुआ: Cross Checks
Age की Limit नहीं check की थी प्यार करते time: Limit Check
दोनों 143 नहीं बोल पाते थे एक दूसरे को: Valid Code Check
दोनों Check करते थे एक दूसरे की : Check Digit
Picture facebook पे : Picture Check

Video Class to explain this topic Further:

PART 2 CLASS VIDEO LINK IN DOWN BELOW, DON'T FORGET TO CHECK THAT OUT

Record Interrogation:

Reasonableness Check: Whether the value specified in a field is reasonable for that particular field? 
Valid Sign: The contents of one field may determine which sign is valid for a numeric field.
Sequence Check: If physical records follow a required order matching with logical records.


Mnemonic for this topic:

Ribbon cutting वाला i.e रिबन cutting के time Recording हो रही थी। 

Story:

लड़की वालो ने 51000 मांगे, दूल्हे ने बोला Reasonable amount बोलो
 बोला 11000 Valid है
अब सबने Sequence से Entry करी। 

File Interrogation:

These are discussed as follows:

• Version Usage: Proper version of a file should be used for processing the data correctly. In this regard, it should be ensured that only the most current file be processed. 
• Internal and External Labeling: Labeling of storage media is important to ensure that the proper files are loaded for process. Where there is a manual process for loading files, external labeling is important to ensure that the correct file is being processed. Where there is an automated tape loader system, internal labeling IS more important. 
• Data File Security: Unauthorized access to data file should be prevented, to ensure Its confidentiality, integrity and availability. These controls ensure that the correct file used for processing. 
• Before and after Image and Logging: The application may provide for reporting of before and after images of transactions. These Images combined with the logging of events enable re-constructing the data file back to its last state of integrity, after which the application can ensure that the incremental transactions/events are rolled back or forward. 
• File Updating and Maintenance Authorization: Sufficient controls should exist for file updating and maintenance to ensure that stored data are protected. The access restrictions may either be part of the application or of the overall system access restrictions. 
• Parity Check: When programs or data are transmitted, additional controls are needed. Transmission errors are controlled primarily by detecting errors or correcting codes. 

Mnemonic for the above topic:

Kaaaalu वाला i.e कालू Flipkart से कपडे खरीदता था (कपड़ो की interrogation कर के) i.e  File Interrogation 

Story:

कालू अपनी Internal & External Labelling करता था Flipkart से कपड़े खरीद कर
रोज़ नई version की लड़की पे दिल आ जाता था
इस बार एक परि जैसी लड़की पे दिल आ गया
कालू ने लड़की को बोलै अपने दिल की Data File दे दे मे उसकी Security करूंगा
लड़की ने उसकी Before & after की Image देखी
finally लड़की ने उसे अपनी File Updation & maintenance की Authorization दे दी। 

 For the Video Class click the link given below
PART #2

-------------->CLICK HERE<-------------- 

Or watch it here directly

Video Class:

Exam Tricks

• Headings are the Most important part of the answers. Without Headings (Module Headings) scoring marks in ISCA are next to impossible. Having said that, only Headings are also not sufficient. You have to write some matter for those heading. [Just write something at least (Check the ISCA certified copies if you have any doubts about it].

• Try to cover all the topics. I know at times it is not possible to cover the whole thing but try to do the topics that are almost at the end of the chapters & in the very beginning as chances of those topics are very high. Students revising the subject try to finish the chapters in a hurry when they are very close to the end & end up skipping or not paying that much attention to the topics that are at the end. [eg. CH-5 ADIS (SDLC phase related to "Testing")] 

• Study for the day before the Exam. i.e Study to Revise. Only when you'll be able to revise your topics/chapters then only you'll get the confidence to appear in the exam. And believe me when I say this if you don't revise your Stuff, even if you have read it earlier, In the exam, there is a very slight chance that you'll be able to recall it. So, Revise, revise & revise.

• Study only that much portion of the topic which you think you'll be able to recall it in the examination hall.

• ISCA question paper consists Questions of 4 Mark, 5 Mark & 6 Mark (unless ICAI does something different) so keep that in mind. Prepare your answer according to the Marking so that you don't spend much time writing a 4 Mark question very lengthy and taking up time much more than needed.

• Most important thing to do in the 15 Minutes time before the exam start is to figure out the question that you will leave & try to cover the whole question paper.
• Costing & DT subjects are very hard to cover in the 15 Minutes time.

• Just stay calm even if you are not able to recall the question, start another one & the first question will come back to you (& if not, well at least you didn't waste your time thinking too much about it & thereby exhausting your precious time)

Chapter 6
Auditing of Information Systems

Information Systems have become an integral part of our day-to-day life. From morning till evening, all humans interact With systems, in one form or another. The increased usage of technology has its pitfalls. Organizations need to rely more on technology for their day-to-day jobs, e.g. management decision making and all business related activities. As the usage of technology and information system is increasing, associated risk with technology is also imposing several threats to the information systems.
More and more use of technology and the increased instances has made it imperative for organizations to place proper controls. Controls can be classified based on nature say, preventive, detective and corrective or based on some other parameters Ike physical, logical or environmental. More classifications are also possible like based on the asset they protect; the detail discussion has already been done in Chapter 3 of the study material.

CA FINAL ONLINE CLASSES: ISCA CLASSES

Effect of Computers on Audit

• Changes in Evidence Collection
• Changes to Evidence Evaluation

• Data Retention and Storage
• Absence of Input 
• Non-availability of Audit trail
• Lack of availability of Printed output
• Audit evidence
• Legal issues

Steps in Information System Audit

1. Scoping and pre-audit survey
2. Planning and preparation
3. Fieldwork
4. Analysis
5. Reporting
6. Closure

Companies (Auditors’ Report) Order, 2016 [CARO]

 CARO – Applicability & Reporting Matters 

1. What types of Companies are specifically exempted from application of CARO? 

 2. Bring out the differences between compliance with the requirements of Sec. 143 of COA 2013 and CARO.

 3. Bring out the professional necessity for complying CARO. Is it mandatory?

1. Additional Matters for reporting [Sec.143(11)]: The Central Government may order for the inclusion of a Statement on specified matters in the Auditor’s Report for specified class or description of Companies. Accordingly, CARO 2016 is issued by the Central Government, and should be complied by the Statutory Auditor of the Company.
2. Nature of CARO: CARO is not intended to limit the duties and responsibilities of Auditors, but only requires a Statement to be included in the Audit Report in respect of the matters specified therein.
3. Govt. Cos: For Govt. Companies, CARO is supplemental to the Directions given by the C&AG of India. So, in respect of Govt. Companies, the matters specified in CARO will also form part of the Auditor’s Report. 

 4. List the matters to be reported under CARO, 2016.

1. FIXED ASSETS [3(i)]:
2. INVENTORIES [3(ii)]:
3. LOANS TO DIRECTORS AND INTERESTED PARTIES [3(iii)]:
4. Compliance of Sec.185 & 186 [3(iv)]:
5. DEPOSITS FROM PUBLIC [3(v)]:
6. COST ACCOUNTING RECORDS [3(vi)]:
7. STATUTORY DUES [3(vii)]:
8. REPAYMENT OF DUES [3(viii)]:
9. APPLICATION OF MONEYS RAISED [3(ix)]:
10. FRAUD [3(x)]:
11. MANAGERIAL REMUNERATION [3(xi)]:
12. NIDHI COMPANY [3(xii)]:
13. RELATED PARTY TRANSACTIONS [3(xiii)]:
14. PREFERENTIAL ALLOTMENT, etc. [3(xiv)]:
15. NON CASH TRANSACTIONS WITH SPECIFIED PERSONS [3(xv)]:
16. REGISTRATION UNDER RBI ACT [3(xvi)]:

The introduction of Goods and Services Tax (GST) is a very significant step in the field of indirect tax reforms in India. In the pre-GST regime, there was a multiplicity of indirect taxes. The central excise duty and service tax were levied by the Central Government, while VAT and Entry Tax was levied by the State Government. Moreover, there was a cascading effect of taxes, i.e. tax on tax, at various stages as the credit of taxes levied by one government was not available against payment of taxes levied by the other.
GST is a huge reform for indirect taxation in India, the likes of which the country has not seen post Independence. GST will simplify indirect taxation, reduce complexities, and remove the cascading effect. It will have a huge impact on businesses both big and small, and change the way the economy functions.
GST is a comprehensive indirect tax levy subsuming all central and state levies with a single unified value-added tax transforming the nation into one single market. Major Central and State taxes are subsumed into GST which will reduce the multiplicity of taxes, and thus bring down the compliance cost. With GST, the burden of CST will be phased out.

CA FINAL NOV 17: (10 Marks)

• 10 marks on “Overview of GST” has been accommodated in Section B: Service Tax (which presently carries 50 marks) with simultaneous exclusion of certain topics from central excise and service tax:

• The syllabus of Final Paper 8: Indirect Tax Laws after incorporating “Overview of GST” for 10 marks is given as Annexure A. The exclusions from central excise and service tax are given as Annexure B.

• Overview of GST will be tested in the examination in first compulsory question carrying 20 marks and only knowledge and comprehension based question will be asked from this topic. Thus, out of 20 marks allotted to the compulsory question, 10 marks will be allocated to Overview of GST and remaining 10 will be allocated to central excise and customs.

• “Overview of GST” will cover an introduction to GST laws in India and basic concepts relating to supply, composite and mixed supplies and charge of tax. 

CS PROFESSIONAL DECEMBER 17

1. GST LOGIN
2. CBEC
3. GST Council

RELEVANT ACTS PASSED BY PARLIAMENT AND STATES
Roll out date for GST is fixed at 1st July 2017. Following are Acts under GST which were passed and received the President's assent on 12th April 2017-

1. The Central Goods and Service Tax Act, 2017(CGST), 
2. The Integrated Goods and Service Tax Act, 2017(lGST), 
3. The Union Territory Goods and Service Tax Act, 2017(UTGST), 
4. The Goods and Service Tax(Compensation to States) Act, 2017(Compensation Cess). 

Twenty eight states excluding Jammu & Kashmir, Union Territories with legislature- Delhi and Puducherry and the remaining five Union Territories have passed their respective State Goods and Service Tax Act (SGST) and UTGST Act by 30th June 2017. The State of Jammu & Kashmir passed their SGST Act on 5th of July, 2017.All the acts are effective from 1 st day of July 2017
The CGST and IGST Acts extends to the whole of India except the State of Jammu & Kashmir. 

Download free CA Final Notes, CA IPCC Notes, Amendments for NOV 2017

CA FINAL