Return to the USDOJ/OIG Home Page

Select Application Controls Review of the Federal Bureau of Prisons's Sentry Database System

Report No. 03-25
July 2003
Office of the Inspector General

Appendix II

Authorization Controls (Input)


Data are authorized

1. Controlled and authorized source documents  
2. Supervisory reviews (Input process) X

Restricted terminals

3. Secured/restricted terminals (Audit logs) X
4a. Limited transactions (Access controls) X
4b. Limited transactions (Segregation of duties)


Master files/Exception Reporting

5.  Unauthorized transactions  
6.  Reported exceptions  

Completeness Controls (Processing)


Computer processed transactions

7. Record counts and control totals  
8. Computer sequence checking  
9. Computer matching of transaction data X
10. Checking reports for transaction data  


11. Completeness of data processed in the processing cycle.  
12. Completeness of data processed for the total cycle.  

Accuracy Controls (Output)


Data entry design

13. Source documents  
14. Preformatted screens  
15. Key verification  
16. Automated entry devices  

Data validation

17. Programmed validation  
18. Tests of critical calculations  
19. Restricted overriding data validation  

Erroneous data

20. Controlled rejected transactions  
21. Reported erroneous data  

Output reports

22.  Control output  
23. Review of processing reports  

Controls over Integrity of Processing and Data Files

24. Current versions of production programs and data files  
25. Routine to verify proper version  
26. Routine for checking internal file header labels  
27. Protection against concurrent file updates