 |
 |
|
End-User Computing End-user computing controls apply only in very specific circumstances. In order to illustrate a circumstance where an auditor would want to investigate end-user computing controls please see the below diagram:
So in this situation we see that users are modifying data files and then returning them to the central server or mainframe. What if the desktop environment is not secure though? What if the uploaded data file is corrupted? End-user computing controls are put in place to ensure that a transaction such as this will not harm the overall availability of the system and integrity of the data. If you think that users of your system are behaving in this manner or a manner similar to this, you may want to consider inquiring about end-user computing controls that are in place. Once it is confirmed that controls are needed at the desktop level auditors will review a series of controls related to desktop management and security. For a more complete listing for the types of controls please click here. If you have any specific questions regarding end-user computing controls and any compliance issues related to them, please contact Brian Markham at 301-405-1057. |
 |