Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

AC3 - Accuracy, Completeness and Authenticity Checks

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

Learn more about COBIT and related publications.

Click “Join This Community” to be able to actively participate in discussions and contribute content. You must be an ISACA member to join this topic. Join ISACA now.

This Topic Has:
40 Members
0 Online
4538 Visits

 Recent Discussions

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer

Accuracy, Completeness and Authenticity Checks

Ensure that transactions are accurate, complete and valid. Validate data that were input, and edit or send back for correction as close to the point of origination as possible.

View value and Risk Drivers  help

Hide value and Risk Drivers help

Value Drivers

  • Data processing errors efficiently remediated
  • Data accuracy, completeness and validity maintained during processing
  • Uninterrupted transaction processing
  • Segregation of duties for data entry and processing
  Risk Drivers
  • Processing inefficiencies and reworks due to incomplete, invalid or inaccurate data entry
  • Compromised integrity of critical data
  • Data entry errors undetected
  • Unauthorised data entry

View Control Practices  help

Hide Control Practices  help

  1. Ensure that transaction data are verified as close to the data entry point as possible and interactively during online sessions. Ensure that transaction data, whether people-generated, system-generated or interfaced inputs, are subject to a variety of controls to check for accuracy, completeness and validity. Wherever possible, do not stop transaction validation after the first error is found. Provide understandable error messages immediately such that they enable efficient remediation.
  2. Implement controls to ensure accuracy, completeness, validity and compliancy to regulatory requirements of data input. Controls may include sequence, limit, range, validity, reasonableness, table look-ups, existence, key verification, check digit, completeness (e.g., total monetary amount, total items, total documents, hash totals), duplicate and logical relationship checks, and time edits. Validation criteria and parameters should be subject to periodic reviews and confirmation.
  3. Establish access control and role and responsibility mechanisms so that only authorised persons input, modify and authorise data.
  4. Define requirements for segregation of duties for entry, modification and authorisation of transaction data as well as for validation rules. Implement automated controls and role and responsibility requirements.
  5. Report transactions failing validation and post them to a suspense file. Report all errors in a timely fashion, and do not delay processing of valid transactions.
  6. Ensure that transactions failing edit and validation routines are subject to appropriate follow-up until errors are remediated. Ensure that information on processing failures is maintained to allow for root cause analysis and help adjust procedures and automated controls.

Discussions: 0 total

Must be a Topic member to contribute

No Results Found

Documents & Publications: 254 total

Must be a Topic member to contribute
View All »
Posted by ISACA 191 days ago
ICQs and Audit Programs
Posted by ISACA 304 days ago
Posted by ISACA 468 days ago

Events & Online Learning: 22 total

16 Mar 2015
ISACA International Event
Orlando, FL, USA
14 Mar 2016
ISACA International Event
Miami, FL, USA
1 Aug 2016
ISACA International Event
Chicago, IL, USA

Journal Articles: 441 total

Volume 6, 2015
by Ed Gelbstein, Ph.D.
An auditor will sooner or later be faced with two kinds of conflicts: conflict of interest and interpersonal conflict.
Volume 5, 2107
by Marianne Bradford, Ph.D., and Dave Henderson, Ph.D.
Although generalized audit software (GAS) has been shown to significantly improve the efficiency and effectiveness of audits, many auditors do not use this technology.
Volume 1, 2018
by Mike Van Stone, CISA, CISSP, CPA, and Ben Halpert
Ever-changing laws continue to increase the risk and cost of noncompliance when unintentional data losses occur.
Volume 1, 2018
GDPR (Regulation [EU] 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union.
Volume 1, 2018
by Ian Cooke, CISA, CGEIT, CRISC, COBIT Assessor and Implementer, CFE, CPTE, DipFM, ITIL Foundation, Six Sigma Green Belt
Innovative technologies such as VMs and the cloud help the efficiency and effectiveness of backup and recovery plans, but they do not replace the need to plan, document, or test and test again.
Volume 1, 2018
by Mohammed J. Khan, CISA, CRISC, CIPM
To facilitate and administer the implementation of controls around the subject of big data, one must truly understand the concepts of deidentification, reidentification and anonymization.

Wikis: 2 total

Blog Posts: 138 total

Have you experienced ransomware attack so far and, if yes, what did you do to resolve? I set up Twitter poll here: It lasts for seven days. Thank you for taking part in the poll.
Posted By : Dragan Pleskonjic | 0 comments
Globally, many organizations are spending millions of dollars protecting their businesses and its enabling infrastructure, but are they really secure? We shall discuss answer to this question in a little while. We need to understand core basics before we ...
Posted By : SudireddyRamreddy | 2 comments
Buzzword - “Blockchain Technology”Introduction:The Internet has transformed the world. Of the several boons that Internet gave us, two of them deserve to be accentuated, namely “World Wide Web” and “Email”, which today are perhaps the most valued things o...
Posted By : rajeevj12 | 0 comments
Mi primer acercamiento real al Framework (o Marco de Referencia) de ISACA COBIT 5, fue a mediados del año pasado (2016) cuando decidí tomar un curso de examinación para la certificación de COBIT® 5 Foundation (Fundamentos de COBIT 5). La jerga técnica me ...
Posted By : MNUNEZA | 0 comments
There is need to for ISACA through our local; chapter to allow fees to be paid in installments or split invoices given the fact that in our country - one has to find currency first and then deposit into a VISA card account. Thus i can raise my exam and ma...
Posted By : Hamadzashe | 0 comments
Is bitcoin a bubble or something to stay for long time? If bitcoin is bubble, when it will burst? Have your say in poll I created on Twitter.  Follow this link: Thanks.
Posted By : Dragan Pleskonjic | 2 comments