The chapter describes five principles that are evaluated during a WebTrust ({ }^{5 M}) engagement: - Availability
Question:
The chapter describes five principles that are evaluated during a WebTrust \({ }^{5 M}\) engagement:
- Availability
- Security
- Processing Integrity
- Privacy
- Confidentiality Suppose that you are performing a WebTrust \({ }^{S \mathrm{M}}\) engagement for the order processing system for an online retailer. Classify each of the following controls to one of the above principles and discuss whether the control suggests that the corresponding principle is reliable for the system.
a. Consumers are able to place orders electronically 24 hours a day, 7 days a week.
b. Error logs suggest that customer addresses sometimes are not updated appropriately when customers input address changes.
c. Web site updates in appearance or functionality occur periodically and consumers must update any data previously stored on the web site.
d. Upon entering the "check-out" area of the web site, consumers must enter their user name and password to access stored information data. If consumers forget their passwords, they can enter a previously saved piece of personal data (e.g., mother's maiden name).
e. Consumers are not told upon placing orders that goods will be shipped within 2-3 business days. However, they are told that an e-mail will be sent upon shipment. Consumers also are not told that they will be responsible for all costs associated with returning goods.
f. The online retailer has outsourced the development of access controls for its information system to a consulting firm with an outstanding reputation in the industry.
g. The system has a control mechanism such that all transactions for which errors are detected are automatically sent to a suspense database. No master records can be updated for the transaction until all problems are corrected.
Step by Step Answer:
Auditing Assurance And Risk
ISBN: 9780324313185
3rd Edition
Authors: W. Robert Knechel, Steve Salterio, Brian Ballou