UNIVERSIT UNIVERS ITA ATEA OVIDIUS CONSTANTA CONSTANTA FACULTA FACULTATEA DE STIINTE S TIINTE ECONOMICE ECONOMIC E MASTERAT ADMINISTRAREA SI AUDITUL PROIECTELOR DE AFACERI AUDITUL SI CONTROLUL INTERN AL PROIECTELOR
ANUL II, SEMESTRUL I
AUDITUL SISTEMULUI INFORMATIC LA FIRMA "SC MEGA GYM AT ATHLETIC SRL"
Student: GHEORGHE ELENA
Cuprins Prezentare firma...................................................................... 2 Numee !#ietati$$$$$$$$ !#ietati$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$
%$&
O'ie#t de a#ti(itate$$$$$$$$$$$$$ a#ti(itate$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$ Datee de identifi#are ae firmei$$$$$$$$$$$$$$ firmei$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$ Cndu#erea !#ietatii$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Or)ani)rama !#ietatii$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$% $% $%
%$Sistemul in!rmati"............................................................... # A(anta*ee f!irii +r)ramuui Smart ,i Standard$$$$$$$$$$$$$$$ Standard $$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$ $$$$$$$$$$$ $$$$$$ $EMITERE$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $. Emitere Fa#tura Nrmaa$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $/ Emitere Fa#tura Strn$$$$$$$$$$$$$$$$ Strn$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$ $/ Emitere Fa#tura Prfrma$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $/ Mdifi#are D#umente$$$$$$$$$$$$$$$ D#umente$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$ $0 INCASARI$$$$$$$$$$ INCASARI$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $0 CONFIGURARE$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $0 Date Firma$$$$$$$$$$$$$$ Firma$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$ $1 Emitere D#umente$$$$$$$$$$$$$$ D#umente$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $1 Cnfi)urari Pr)ram$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $&2 UNELTE$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $&2 RAPOARTE$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $&2 NOMENCLAT NOMENCLATOARE$$$$$ OARE$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$ $$$$$$$$ $&2
N!men"lat!r Clienti............................................................. $2 N!men"lat!r %e ser&i"ii....................................................... $' D!"umente......................................................................... $( Fa#tura 3fara #4itanta5$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Fa#tura 3#u #4itanta5$$$$$$$$$$$$$$ #4itanta5$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ Fa#tura +rfrma$$$$$$$$$$$$$$$ +rfrma$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$ Fa#tura !trn$$$$$$$$$$$$$$$$$ !trn$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$ C4itanta$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$&6 $&$&$&/ $&/
Rap!arte............................................................................. $) Ra+arte fa#turi$$$$$$$$$$$$$$$ fa#turi$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$ $&1 Ra+arte #4itante$$$$$$$$$$$$$$$$ #4itante$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$ $72 Ra+arte +rfrme$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $72
Au%itul intern...................................................................... 2$ Dierente intre au%itul intern si au%itul e*tern.....................2$ e*tern.....................2$ Au%itul sitemului in!rmati"................................................ 22 Ris"urile sistemului in!rmati"............................................ 22 Vulnera+ilitatile sistemului in!rmati"................................. 2( Amenintari asupra sistemului in!rmati".............................2# in!rmati"............................. 2# C!ntr!alele interne ale sistemului in!rmati"......................2 in!rmati"...................... 2 Cntraee )enerae$$$$$$$$$$$$$$$ )enerae$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$ $7. Cntraee de a+i#atie$$$$$$$$$$$$$$ a+i#atie$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$ $70
Met!%!l!-ia %e au%it........................................................... '$ CESTIONAR....................................................................... '$ C!n"luzii %espre sistemul in!rmati"................................... '( AVANT AVANTAJE AJE $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$ $%6 DEZAV DEZAVANTAJE ANTAJE $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $%6 CONCLUZIE : $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ %6
Prezentare firma
7
&$ Numele societati : Me)a G8m 7$ Obiect de activitate : 1%&% 9 A#ti(itati ae #entrer de fitne! %$ Datele de identificare ale firmei : •
Denumire: S$C$ Me)a G8m At4eti# At4eti# S$R$L$
•
Sediu !#ia : Str$ S tr$ Ieana Ieana C!aneana Nr$ 0
•
Numar de inre)i!trare a Re)i!tru Cmertuui: Cmertuui: ;&%<--/<72&&
•
CUI: RO70&61.%&
•
Cnt 'an#ar: RO6&,TRL2%22&72&T-%%&.==
• •
Numar de teefn: 2/7&12--./ E>mai: me)a)8m?me)a)8m$r
6$Conducerea societatii : Functia actuala Dire#tr Genera Dire#tr E=e#uti(
Numele si prenumele ,u#ur ,)dan Tudr Eena
5$Organigrama societatii :
%
DIRECTOR GENERAL
DIRECTOR E@ECUTI
ANTRENOR FITNES
ANTRENOR FITNES
ANTRENOR AERO,IC
RECEPTIONER
Scurta introducere
MEGA GYM este una dintre cele mai moderne sali de fitness din Constantacu !ro"rame !entru orice #arsta conditie fi$ica si sco! le"at de fitness sin"urele conditii fiind sa fii a!t !entru efort fi$ic sa stii ce #rei si sa #rei cu ade#arat sa reusesti% La noi #ei "asi !ro"ramul sau com&inatia de !ro"rame care ti se !otri#esc iti fac &ine iti fac !lacere sit e moti#ea$a sa !erse#ere$i astfel incat sa o&tii si sa'ti !astre$i conditia fi$ica !e care ti'ai dorit'o dintotdeauna%
6
Sistemul informatic Smart Bill Standard 202
Pentru realizarea de facturi in firma S.C. Bratul de Fier S.R.L. am folosit ca program de facturare ! Smart Bill Standard 2012 " Cu acest program putem emite urmatoarele tipuri de facturi: •
FACTURA !R"ALA
•
FACTURA ST!R!
•
FACTURA #R!F!R"A
$easemenea% putem alege si modalitatea de plata. #lata se poate face: O data #u emiterea fa#turii La data !ta'iita in fa#tura 3data !#adentei5 Prin 'an#a 3rdin de +ata5
A(anta*ee f!irii +r)ramuui Smart ,i Standard 72&7 in #u fa#turir ti+iate:
&$ Smart ,i #a#ueaa autmat ttu +entru dumnea(a!tra$ 7$ Fa#eti E#nmie de Tim+ !i ,ani$ Patiti !in)ura dataB +e iata %$ P!i'iitate de Cre#tare Gre!ei fara a anua D#umentu !au a fa#e ma)aei$ 6$ Emiterea !i Anuarea D#umenter !e fa#e e=trem de u!r $ -$ Si)uranta marita a D#umenter$ D#umentee !unt !a(ate in +r)ramB +utand !a e rei!tati in #au +ierderii !au deterirarii r$ .$ E(identa mut mai 'una a in#a!arir $ /$ Ra+arte d#umente !i !ituatii < !tati!ti#i $ 0$ Di(er!e mdee
-
Pentru a +utea emite fa#turi #u Smart ,i Standard 72&7 tre'uie mai intai !a #m+etam #u datee de identifi#are ae firmei !i anume:
Denumirea firmei
C$I$F$
Nr$ Re)i!tru Cmertuui
L#aitatea
;udetu
Adre!a
Ca+ita !#ia
Patitr de TA 3DA !au NU5
Teefn
Fa=
E>mai
Adre!a e'
Si)a firmei
Cnturi 'an#are
In +r)ramu de fa#turare Smart ,i Standard 72&7 a(em urmataree #meni: &"'T&R& 'CASAR' C!F'(URAR& U<& RA#!ART& !"&CLAT!AR&
" #$%'#
In a#e!t meniu +utem reaia urmataree u#ruri: .
•
&mitere Factura ormala
•
&mitere Factura Storno
•
&mitere Factura #roforma
•
"odificare $ocumente
#mitere Factura Normala
A#e!t ti+ de fa#tura e!te #e mai utiiat deare#e a (anarea +rdu!er firmei a#e!ta emite fa#tura firmei #are dre!te !a a#4iitinee a#e!te +rdu!e$ Pentru a +utea emite Factura Normala tre'uie #un!#ute datee firmei 3SC ,ratu de Fier SRL5 !i datee #ientuui 3#are !e )a!e!# in nmen#atru Cienti$ Du+a #m+etarea 3autmata5 a#e!tr date !e tre#e a #m+etarea #erate da te din fa#tura: o
Data 3e!te data autmat dar +ate fii !#4im'ata5
o
Seria fa#turii 3e!te data autmat5
o
Nr fa#turii 3e!te dat autmat5
A+i !e adau)a +rdu!ee +e #are e dre!te #ientu$ A#e!tea !e ae) dintr> i!ta 3#are a f!t definita +rin nmen#atru Prdu!e$ Se !#riu autmat #du +rdu!uuiB U$M$B +retuB #ta TAB !i +retu in#ude TA 3DA !au NU5 iar ni tre'uie !a #m+etam dar #u #antitatea drita$ La finaB da#a !e in#a!eaa in mmentu fa#turarii !e 'ifeaa: In#a!eaa a#um$ A+i !e #m+eteaa #u datee +er!anei #are a int#mit fa#tura 3nume !i CNP5B #u datee +er!anei dee)ate de #inet 3numeB 'uetin !i aut5 !iB du+a #aB #u data !#adentei 3da#a nu !e in#a!eaa +e #5 !i Mentiuni$ Cand fa#tura e!te )ata !e a##e!eaa 'utnu: S+re finaiare fa#tura$ Du+a a##ea !e Finaieaa fa#tura a+i !e ti+are!te +entru a fii ferita #ientuui$ #mitere Factura Storno
A#e!t ti+ de fa#tura !e f!e!te in #au in #are una din fa#turie emi!e anterir a f!t !#ri!a )re!it !au #ientu nu mai dre!te a#e +rdu!$ Pentru a +utea emite Factura Normala datee !e #m+eteaa autmat 3in#u!i( +rdu!ee5B numai #a +rdu!ee (r a(ea !emnu > 3minu!5$ Deaccea #aloarea facturii #a fi ne"ati#a%
#mitere Factura Proforma
A#e!t ti+ de fa#tura !e f!e!te in #au in #are #ientu nu ridi#a +rdu!ee in a#e mment !i (a (eni a data uteriara mment in #are (a +rimii !i fa#tura nrmaa$
/
Fa#tura +rfrma e!te #a !i fa#tura nrmaa dar #a nu !e in#a!eaa 'anii !i nu !e ei'ereaa +rdu!ee$ $odificare Documente
A#ea!ta #manda ne +ermite mdifi#area anumitr d#umente 3fa#turiB fa#turi !trnB fa#turi +rfrmaB #4itante5$ A#e!t u#ru nu e!te indi#at da#a fa#tura a f!t de*a inre)i!trata !i emi!a #atre #ient$ La intrarea in a#e!t meniu +rimim urmatru me!a*: (Aceste facilitati sunt !entru a #a a)uta la corectarea unor "reseli% *ecomandam modificarea documentelor doar in ca$ul sc+im&arilor minore% ,entru sc+im&ari ma)ore #a su"eram anularea sau stornarea%( 2"
%NC(S('%
In#a!arie !e +t fa#e in dua mduri: o
C4itanta +entru Fa#tura
o
In#a!are +rin ,an#a
C)itanta pentru Factura !e reaieaa atun#i #and am emi! fa#tura a anumita data dar a #are nu am in#a!at !uma de 'ani$ A#ea!ta !e fa#eB de 'i#eiB a data !#adentei 3#are e!te tre#uta +e fa#tura5$ Se emite #ientuui dar #4itantaB fa#tura fiind de*a a #ient$ %ncasarea prin Banca e!te mdaitate de +ata a unei fa#turi emi!e #atre un #ient #u data !#adenta$ Pentru a#ea!t ti+ de in#a!are nu !e emite ni#iun d#ument ttu fa#andu>!e +rin intermediu 'an#ii$ *"
CONF%+,'('#
In a#e!t meniu +utem reaia urmataree u#ruri: o
Date Firma
o
Cnfi)urare Emitere D#umente
o
Cnfi)urari Pr)ram
0
Date Firma Fara #m+etarea dater firmei nu +utem fa#e nimi# in a#e!t +r)ram$ La +rima +rnire a +r)ramuui ne a+are a#ea!ta ferea!tra unei tre'uie !a intrdu#em datee firmei: a- Denumirea firmei &- C%I%.% c- Nr% *e"istrul Comertului d- Localitatea e- Judetul f- Adresa "- Ca!ital social +- ,latitor de TVA /DA sau NUi- Telefon )- .a0 1- E'mail l- Adresa 2e& m- 3i"la firmei n- Conturi &ancare
Configurare #mitere Documente In a#e!t meniu a(em de #m+etat : *
Serii D#umente 3fa#turiB #4itanteB a(ieB +rfrme5
*
TA 3!e 'ifeaa una din +tiuniB de re)ua 765
*
Date afi!ate 3!e 'ifeaa datee +e #are e drim !a e afi!am +e fa#tura5
1
Configurari Program Ai#i (m ae)e #nfi)urarie )enerae +e #are e drim +entru +r)ramu n!tru$
-"
,N#.
Si a#e!t meniu are % #meni:
See#teaa firma a#ti(ata 9 deare#e +r)ramu ne +ermite !a tinem #nta'iitatea mai
mutr firme +uetem ae)e de fie#are data +entru #are firma !e u#reaa a#ti(and> +rin a#ea!ta #manda
Sa(eaa date 9 ne +ermite !a(area daterB in #au in #are a#e!tea !e +ierd din #aua
unr (unera'iitati !a a(em datee firmei re!+e#ti(e
Re!taurare date 9 ne +ermite !ter)erea dater !a(ate anterirB in #au in #are +r)ramu
nu mai e!te f!it a anumita firmaB de e=em+u$
5"
'(PO('
Ai#i )a!im ra+artee tuturr d#umenter +e #are e>am emi! a anumita firma: o
Ra+rt Fa#turi
o
Ra+rt C4itante
o
Ra+rt Prfrme
o
Ra+rt A(ie
Cu a*utru ra+arter +utem de+i!ta da#a i+!e!te anumita fa#turaB +utem (erifi#a da#a e=i!ta fa#turi ne+atite !au +utem (edea datee !#adente ae a#e!tra$
/"
NO$#NC.(&O('#
E=i!ta dua ti+uri de nmen#atare: o
Nmen#atr Prdu!e
o
Nmen#atr Cienti
&2
In Nomenclatorul Produse !e afa tate +rdu!ee firmei$ Cu a*utru a#e!tui nmen#atr nu mai e!te ne(ie !a intrdu#em inttdeauna +rdu!ee !i datee a#e!tra 3#dB +retB t(aB et#$5 #i dar ae)em +rdu!u drit !i #eeate date !e adau)a autmatB fiind ne(ie !a intrdu#eam dar #antitatea$ In Nomenclatorul Clienti !e afa tti #ientii firmei #u datee de indentifi#are ae fie#aruia$ La emiterea d#umenterB datrita a#e!tui nmen#atrB ae)em dar numee #ientuui 3din i!ta5 !i re!tu dater !e (r #m+eta autmat$ Datrita +r)ramuui Smart ,i Standard 72&7 B atun#i #and intdu#em #ienti in Nmen#atru Cienti e!te de a*un! !a #m+etam #am+u C$U$I$ !iB in #au in #are !untem #ne#tati a InternetB a+a!and !emnu re!+e#ti(e$
!e #m+eteaa autmat #u datee firmei
&&
Nomenclator Clienti
&7
Nomenclator de servicii
&%
Documente
Factura fara c)itanta1
&6
Factura cu c)itanta1
Factura proforma
&-
&.
Factura storno
C)itanta
&/
&0
'apoarte
'apoarte facturi
&1
'apoarte c)itante
'apoarte proforme
72
(uditul intern
Auditul intern este o e0aminare metodica reali$ata in #ederea determinarii daca acti#itatile si re$ultatele relati#e la su&iectul e0aminat satisfac dis!o$itiile !resta&ilite si daca aceste dis!o$itii sunt !use in o!era intr'un mod eficace si a!t in #ederea atin"erii o&iecti#elor% Auditu intern e!te in interiru unei entitati a#ti(itate inde+endenta de a+re#iere !au #ntr a +eratiirB fiind in !u'rdinea dire#ta a #ndu#atruui entitatii$ In a#e!t dmeniuB e e!te un #ntr #are are dre+t fun#tie e!timarea !i e(auarea efi#a#itatii atr #ntrae$ O&iecti#ul auditului intern e!te de a a!i!ta mana)ementu in e=er#itarea efi#a#e a re!+n!a'iitatir r furniand anaieB a+re#ieriB re#mandari !i #mentarii +ertinente referitare a a#ti(itatie e=aminate$ Auditru intern e!te (iat de tate faee a#ti(itatii entitatii #are intere!eaa #ndu#erea$ A#ea!ta im+i#a fa+tu de a a+ea a a!+e#te #nta'ie !i finan#iareB dar !i te4ni#e +entru atin)erea unei intee)eri de+ine a +eratiir e=aminate$ Diferente intre auditul intern si auditul etern
Daca auditul e)tern ofera ser#icii si este inde!endent din !unct de #edere )uridic auditul intern face !arte din functiile intre!rinderii% In !e#tru +ri(atB auditrii e=terni !unt numiti de a#tinariB #are e !ta'ie!# !i +eriada de tim+ +e #are !a auditee !i tt a#e!tra e ra+rteaa$ In !e#tru +u'i#B +rin ana)ieB !e !i#ita #ertifi#are in numee !tatuuiB re+reentat tt de in!titutie inde+endentaB in #au Rmaniei a#ea!ta in!titutie e!te Curtea de Cnturi$ In #au audituui internB 'enefi#iaru #n#uiir reutate e!te mana)ementu entitatiiB iar in #au audituui e=tern de re)ua tti #ei #are dre!# #ertifi#are a #nturir: 'an#iB autritatiB a#tinariB #ientiB furniri !$a$ Din +un#tu de (edere a 'ie#ti(er urmarite de auditu intern a#e!ta e(aueaa !i!temu de #ntr intern !i da a!i)urari mana)ementuui #a a#e!ta fun#tineaa$ Auditu e=tern #ertifi#a e=a#titatea #nturir !i a !ituatiir finan#iareB #are #n!ta in re)uaritateaB !in#eritatea !i ima)inea fidea a de#aratiir finan#iare finae$ Cu a#ea!ta #aieB auditu e=tern e(aueaa !i e !i!temu de #ntr internB dar numai +entru eemente de natura finan#iar>#nta'ia$ Auditru e=tern are inde+endenta !+e#ifi#a tituaruui unei +rfe!ii i'ereB re)ementata *uridi# !i !tatutarB e fiind inde+endent fata de #ientu !au$ C4iar !i in #au audituui +u'i# e=tern a#ea!ta inde+endenta !e +a!treaaB fiind re)ementata #ar +rin a#tee nrmati(e !i !tandardee de u#ru$ In#m+ati'iitatie a #are e!te !u+u! un auditr +u'i# e=tern #ndu# a +remia unui audit inde+endent !i e#4idi!tant$ Nu a#ea!i u#ru !e +ate !+une de!+re auditru intern #are e!te inde+endent in e=er#itarea fun#tiei !ae in !en!u unei inde+endente a )andirii !i a ratinamentuui +rfe!ina fata de !u'ie#tee +e #are e auditeaaB dar in a#ea!i tim+ e!te de+endent +rin fa+tu #a a+artine entitatii !i de+inde de !tandardee +rfe!inae interne +e #are tre'uie !a e re!+e#te$ Cnfrm iteraturii de !+e#iaitate in auditu intern a'rdarea e!te una in fun#tie de ri!#uri !i are de(ia: ri#are ar fi !e#truB dmeniu de a#ti(itateB !e (a audita #u a#eea!i te4ni#i !i 7&
in!trumente$ Auditu e=tern !e )4ideaa du+a metd)ie +re#i!aB !tandardiata !i !e 'aeaa +e in(entareB inter(iuriB #4e!tinareB anaieB #m+aratiiB ra+arte !$a$
(uditul sistemului informatic
Un sistem informatic e!te un !8!tem #are +ermite intrdu#erea de date +rin +r#edee manuae !au +rin #ue)ere autmata de #atre !i!temB !t#area a#e!traB +reu#rarea r ș i e=tra)erea infrmației 3reutater5 !u' di(er!e frme$ Auditul unui sistem informatic consta in efectuarea controlului intern in sistemul informatic !entru #erificarea corectitudinii re$ultatele !relucrarilor reali$ate in interiorul sau distri&uirii acestora numai de catre utili$atori autori$ati in ca$ul in care distri&uirea se face automat folosind sistemului de calcul% Pentru efe#tuarea #ntruui intern intr>un !i!tem infrmati# !e f!e!# ma!uriB metde !i te4ni#i de (erifi#are a #re#titudinii reutater +reu#rarir reaiate in interiru !au #un!#ute in iteratura de !+e#iaitate !u' denumirea de #ntrae$ In #n#uieB Auditu Si!temer Infrmati#e e!te a#ti(itate +anifi#ata de e(auare a !i!temuui infrmati# +e 'aa +r'er de audit in !#+u emiterii unei +inii #aifi#ate !i 'ie#ti(e +ri(ind #nfrmitatea !i!temuui #u e)i!atiaB #u !tandardee in dmeniu !i ttdata a!u+ra #a+a#itatii !i!temuui infrmati# de a !u!tine efrtu de reaiare efi#ienta a 'ie#ti(er !trate)i#e a r)aniatiei$
'iscurile sistemului informatic Im+a#tu ri!#urir afe#teaa afa#eriie firmei in#e+and #u ima)inea firmei +u'i#itatea !a in mediu de afa# +ierderea unr #ienti B a unr ate de!+re +arteneri !i e=+unerea #ientir firmei a amenintari #eea #e uneri atra)e #4iar a#tiuni in *u!titie +t 77
+re*udi#ii #auate de ne)i*enta #a de e=em+uL: trimiterea unr m!* ernate #ientir B furnirir$ Fraudarea firmei e!te ata +ierdereB diminuarea indi#atrir de efi#inta +rin redu#erea #ifrei de afa#eriB #re!teri ae #!turir +t remedierea dauner !i in(e!titii Ri!#urie #are +t afe#ta Si!temu Infrmati# !unt: " 'iscuri fizice3
Ori#and !e +ate !tri#a +i!a a !i!temuui infrmati# !i +r)ramu< +r)ramee f!ite +t fii afe#tate tta !au +artia$ 2" 'iscuri logice3
A#e!te +r'eme +t a+area din mai mute #aue #um ar fii intrdu#erea unr date )re!iteB u#ru #e du#e a ruarea ernata a +r)ramuui$ *" 'iscuri de functionare a S"%"3
Pt e=i!ta ie in #are !i!temu infrmati# nu fun#tineaa din diferite #aue 3#urentu +ritB defe#tarea fii#aB et#$5$ A#e!t u#ru du#e a ne+utinta de a f!ii +r)ramu< +r)ramee intr> firma iar a#ea!ta nu +ate fun#tina a +arametrii nrmai$ -" 'iscuri financiare3
Din #aua +r'emer finan#iare nu !e +ate re+ara un S$I$ defe#t !au B a ne(ieB #um+ararea unuia nu !i a#e!t u#ru du#e a deruarea defe#tua!a a firmei$ 5" 'iscuri de mediu3
A#e!te ri!#uri a+ar atun#i #and !e f!e!te un S$I$ #are dauneaa mediu in#n*uratr$ /" 'iscuri de securitate3
Ori#e !i!tem infrmati# e!te +redi!+u! a ri!#uri de !e#uritate #are +t a(ea # din ne)i*enta an)a*atirB !au atr +r'eme inter(enite in S$I$ 3(iru!iB !+ar)erea de #nturiB et#$5 4" 'iscurile de organizare3
Atun#i #and 'aa< 'aee de date nu a f!t a#tuaiate !i din a#ea!ta #aua !e (r )a!i erri in emiterea unr d#umente f!ind un anumit +r)ram$
7%
ulnerabilitatile sistemului informatic '. 'dentificatorul *'$+ anga,atilor concediati nu este eliminat din sistem Sursa amenintarii : Saariati #n#ediati (ctiunea amenintarii : Cne#tare a reateaua r)aniatiei !i a##e!eaa datee a#e!teia$ ''. Fire-allul companiei permite un acces la sistem prin ser/iciul Telnet Sursa amenintarii : Utiiatri neautriati 34a#eriB terri!tiB an)a*ati #n#e diati5 (ctiunea amenintarii : Utiarea !er(i#iuui TenetB +ermite a##e!u a fi!ieree din !i!tem$ III. Unul din partenerii societatii a identificat slaiciuni in proiectarea securitatii sistemului% sistemul in sine furniandui diferite metode de remediere a acestora Sursa amenintarii : Utiiatri neautriati (ctiunea amenintarii : O'tinerea a##e!uui neautriat a fi!ieree !en!i'ie ae !i!temuuiB 'aat +e (unera'iitati #un!#ute$ IV. Centrul de prelucrare automata a datelor foloseste pentru stingerea incendiilor imprastietoare de apa *incastrate in ta/an+ fapt ce poate afecta in mod negati/ ec3ipamentele 3ard-are. Sursa amenintarii : F#B +er!ane ne)i*ente (ctiunea amenintarii : De#an!area autmata a !tin)atarer de in#endii$
76
(menintari asupra sistemului informatic Sursa3 4ac1eri crac1eri (ctiunea3 Intruiuni in !i!temB ata#uri de ti+ "4a#in)"B a##e! neautriat a !i!tem Sursa3 Criminalitate informatica (ctiunea3 A#te fraudua!eB a#tiuni de ti+ !+fin)B intruiuni ae !i!temuui$ Sursa3 Terorism (ctiunea3 Penetrarea !i!temuuiB interferarea !i!temuui in md di!tru#ti($ Sursa3 3!iona) industrial (ctiunea3 Penetrarea !i!temuuiB a##e! neautriatB #a+tarea dater dintr> inie de #muni#atie ne+rte*ata$ Sursa3 Atacuri ale an"a)atior (ctiunea3 Fraude !i erriB #ru+erea daterB intrdu#erea unr date fa!eB a##e! neautriat a !i!temB intrdu#erea (iru!irB #aii trieniB et#$
7-
Controalele interne ale sistemului informatic
In mare +arte a#ti(itatea e#4i+ei de audit e!te re+reentata de !i!temu de #ntrae interneB a!a #um a reutat !i din definirea 'ie#tuiui audituui !i!temer infrmati#e$ Auditru tre'uie !a #una!#a #e #ntrae tre'uie !a #ertifi#e !i #um !e a+i#a #ntraee +t #a a#ti(itatea !i!temuui infrmati# !a !e de!fa!are #re#t fara erri !i di!fun#tinaitati$ Controalele se grupeaa in doua clase: &$ Cntraee )enerae 7$ Cntraee de a+i#atie
Controalele generale
3unt acele controale care se a!lica la ni#elul intre"ului sistem informatic al or"ani$atiei tuturor com!artimentelor im!licate in reali$area si functionarea sistemului !entru certificarea !roiectarii reali$arii im!lementarii e0!loatarii si de$#oltarii corecte a intre"ului 3I% " controalele privind planificarea si organizarea S%" 2" Controalele ale ciclului de viata a sistemului *" Controalele de securitate ale S% -" Controalele managementului sc)imbarilor in sistemul informatic
" Controalele privind planificarea si organizarea S%"
Panifi#area SI tre'uie inteea!a #a !i +anifi#area +rdu#tiei in !en!u #a tre'uie !a ne !ta'iim tintee +entru (iitr #eea #e tre'uie fa#ut in (iitr #u #e re!ur!e !i #e 'enefi#ii$ Auditu tre'uie !a #n!tate da#a e=i!ta un +an !trate)i# !i un +an +eratina +entru SI$ Panu !trate)i# tre'uie !a #ntina dire#tiie de de(tare ae !i!temuui +e termen un)B in tim+ #eB +anu +eratina are un rint mai mi# de +ana a % ani$ Pr'emee r)aniatri#e !unt de!e'it de im+rtante a(and in (edere e)aturie infrmatinae +e #are e a!i)ura SI +t$: autmatiarea +r#e!er de +reu#rare +ana a ni(eufie#arui +!t de u#ru #muni#area dater atat in interiru firmei #at !i in e=teriru !au in +rimu rand #u #ientii !i furnirii firmei !u+rt +entru fundamentarea +r#e!er de#iinae
2" Controale privind ciclul de viata ale sistemului
In #adru a#e!tr #ntrae di!tin)em urmataree eta+e 7.
!tudiu de fea'iitate anaia !i frmuarea #erinter +rie#tarea reaiarea im+ementarea
Studiul de feailitate !ta a 'aa de#iiei +ri(in +rtunitatea !i efi#ienta reaiarii +rie#tuiui SI$ Auditru +rin d#umentarea +e #are fa#e (a #ertifi#a da#a a#ea!ta de#iie e!te #nfrma #u !trate)iaB #u 'ie#ti(ee firmei !i da#a !e 'aeaa +e anaia +ertinenta #!t>'enefi#iu$ Analia si formularea cerintelor informationale are im+rtanta ma*ra +entru auditu !i!temuui infrmati# +entru #a !e (erifi#a fa+tu #a !>au identifi#at #re#t #erintee utiiatrir finai +re#iate in !+e#ifi#atiie de !i!tem$ #roiectarea e!te in atentia auditruui +entru (erifi#area #ntraer )enerae !u' a!+e#tu re!+e#tarii #nfrmitatii #u #erintee initiae a !+e#ifi#atiir +entru 'aa de dateB a !+e#ifi#atiir de +r)rame +entru #rearea unui +an +entru te!tarea !e#uritatii !i !ta'iirea unui #ntr frma a mdifi#arir ne#e!ar +re(enirii mdifi#arir ne#ntrate ae +r#e!uui de reaiare a !i!temuui$ Realiarea e!te eta+a in #are #ntraee )enerae (ieaa utiiarea #re#ta a !+e#ifi#atiir de reaiare a +r)ramerB +r#edurir autmateB definirea fu=urir infrmatinaeB definirea frmei !i frmatuui +entru ie!iriB intrariB reaiarea nmen#atarer de #duriB reaiarea !i a!i)urarea unui #ara#ter m)en !i unitar +entru interfata #u utiiatru$ 'mplementarea e!te eta+a in #are #ntraee au im+rtanta !i mai mare +entru #a !e in#4eie +r#e!u reaiarii !i!temuui !i in #n!e#inta auditu tre'uie !a e(auee te!tareaB #ertifi#area !i a#reditarea SI$ *" Controalele de securitate (u ca scop verificarea accesului utilizatorilor la sistem6 identificarea 6 autentificarea si autorizarea utilizatorilor si a drepturilor acestora de acces si prelucrare" #rincipalele aspecte /iate de controalele generale si legate de securitatea sistemului sunt: E0istenta si functionarea unei structuri de administrare a securitatii in care sa se
re"aseasca de e0em!lu functii si atri&utii !entru administratorul resurselor informatice si de comunicatie Controlul si administrarea !arolelor si a dre!turilor utili$atorilor Controlul lo"ic !entru accesul la instalarea si confi"urarea de ec+i!amente si !ac+ete soft2are Controlul !rocedurilor de monitori$are a !re#enirii comunicarii si solutionarii incidentelor de securitate Controlul de securiatete fi$ica Controlul !rocedurilor de reali$are a co!iilor de si"uranta
7/
-" Controalele managementului sc)imbarilor in sistemul informatic Obiectivul este acela de a verifica ca toate modificarile aduse aplicatiilor sunt corect autorizare si aprobate inaintea implementarii" Controalele de aplicatie
De la ni#elul intre"ului sistem se trece la com!onentele sistemului a!licatiile informatice% Cntraee interne urmarite de auditu a+i#atiir tre'uie !a a#+ere urmatarea arie de +r'eme: > #ntru #aitatii a+i#atiirJ > #ntru ade#(arii fun#tinaitatii a+i#atiir a #erintee unui #ntr efi#ientJ > fia'iitatea a+i#atiir$ " CON&'O.,. C(.%&(&%% (P.%C(&%%.O'
Caitatea a+i#atiir !e a!i)ura +rin #aitatea #m+nenter eementare ae a+i#atiir IT: datee de intrareJ +r#e!er de +reu#rareJ datee de ie!ireJ inte)ritatea 'aei de date$ Atri'utee #aitatii +e #are tre'uie !a e a(em in (edere !unt: #m+etitudineaB #re#titudinea #a#uerB (aiditate +e 'aa (erifi#arir )i#eB autriare !i !e+ararea indatririr 9 !e)re)atin f dutie!$
2" CON&'O.,. (D#+('%% F,NC&%ON(.%&(&%% (P.%C(&%%.O' .( C#'%N.# ,N,% CON&'O. %N'N #F%C%#N&
Are in #edere includerea de )aloane de control inca din eta!a de !roiectare !entru a fi mai usor #alidate de auditori% Aceasta cerinta inseamna ca aplicatiile informatice treuie sa includa: +r#eduri de (aidare a +eratir de intrdu#ere a dater de intrare de #atre +er!anee #u re!+n!a'iitati +e inia autriarii intrarie$ +r#eduri de )enerare a unr ra+arte #are !a ine!nea!#a #ntru intrdu#erii
dater in !i!tem 9 de e=em+u i!tri#u intrdu#erii dater 'tinut +rin *urnaiare
70
+r#eduri de (aidare a #n#rdantei ie!iri 9 intrari ree(ante +entru #reatiie
dintre +r#e!ee de#iinaeB indi#atrii !inteti#iB !ituatiir de ie!ireB date de intrareB #reatii #n#rdanta #are a!i)ura #n!i!tenta a+i#atiir infrmati#e$
*" F%(B%.%&(( (P.%C(&%%.O' Urmareste modul in care a!licatiile se com!orta in conditii e0treme la limita% 3e testea$a tim!ul de ras!uns si res!ecti# riscul de &locare cand o a!licatie rulea$a cu !arametrii setati la #alori ma0ime% De e0em!lu &a$a de date este !o!ulata cu numarul ma0im de inre"istrari interfata de comunicare este accesata de un numar foarte mare de utili$atori care initia$a un numar foarte mare de tran$actii etc%
CONTROLUL DATELOR DE INTRARE Validarea datelor se diferentia$a in functie de modalitatile de introducere a datelor si !articularitatile si !articularitatile fi$ice ale ec+i!amentelor de introducere a datelor% A#em astfel urmatoarele situatii5 • date intrdu!e dire#t de !taffu de #ndu#ereB de +er!nau neinfrmati#ian !au de +er!nau !+e#iaiatJ • date intrdu!e de a di!tanta de #atre +artenerii dintr> a+i#atie Ke'J • date intrdu!e de a di!tanta +rin !#anarea d#umenterJ !#anarea #durir de 'areB !#anarea #durir RefIDJ • date intrdu!e +rin +un#te ATM
un fi!ier ti+ nmen#atrB #ntr #are (erifi#a in#adrarea in imite de (er!imiitate !i rena'iitateJ controlul eistentei datelor si a relatiilor de corespondenta dintre date B admiterea !au neadmiterea (arii nueB (erifi#area re!tri#tiei de inte)ritate a entitatii !i a re!tri#tiir de inte)ritate referentiaaJ controlul cifrelor de control B controlul tranzactiilor lipsa sau al tranzactiilor duplicate $
CONTROLUL PRELUCTARILOR Aceste controale urmaresc ca !rocedurile de !relucrare sa fie autori$ate com!lete si corecte%
71
4erificarea autoriarii are in /edere mai multe aspecte: ⊕ i#enteeB ⊕ (er!iunieB ⊕ +er!anee #are au dre+turi +entru in!taariB ⊕ dein!taariB ⊕ de(iru!ariB ⊕ #nfi)urarea !i!temuui !i !etarea +arametrir !i +tiunir im+i#iteB ⊕ 'a#u+>uriB ⊕ initierea de +r#eduri de +reu#rare #urente$
CONTROLUL INTEGRITATII ,AELOR DE DATE
Acest control urmareste !re#enirea si eliminarea amenintarilor ca datele memorate sa fie distruse sau alterate% Cntru +reu#rarir +eratiir de a#tuaiare e!te farte im+rtant +entru inte)ritatea !i!temuui$ De a#eea !e +ra#ti#a +a!trareaB aaturi de &ac1u!'urile !eriodice !i a unr liste de control #reate +rin *urnaiarea +r#edurir de a#tuaiareB dar !i a atr +r#eduri #riti#e de +reu#rareB #are ar +utea denatura #ntinutu 'aer de date$ E!te utia #a#uarea unr indicatori statistici #are e(identiaa ti+u !i fre#(enta a+i#atiir ruateB numaru de in#idente dar !i a unr totaluri de control +entru urmarirea a#tuaiarii in !+e#ia a fi!ierer +rin#i+ae ae a+i#atiir$ CONTROLUL DATELOR DE IESIRE Controlul datelor de iesire urmareste mai multe directii: → distribuirea iesirilor7 → confruntarea outputurilor6 → reconcilierea si corectarea erorilor7 → manipularea si pastrarea iesirilor"
In cadrul acestor cate"orii de controale de a!licatii se !ot face "ru!ari ale controalelor s!ecifice mentionate du!a di#erse criterii% (stfel controalele de aplicatii pot fi3 #ntrae manuaeJ -
-
-
-
-
-
#ntrae autmateJ #ntrae !u'!tanti(eB indi(iduaeJ #ntrae #n*u)ateB e)ateJ #ntrae #nfi)ura'ieB #ntrae de )ranita +entru datee #e +r(in din afara !i!temuui$
%2
$etodologia de audit (uditorul trebuie sa8si planifice auditul pentru ca misiunea de audit sa se desfasoare in mod eficient" Planificarea unui audit implica stabilirea strategiei generale de audit si elaborarea unui plan pentru a diminua riscul de audit la un nivel acceptabil de scazut" 3trate"ia "enerala de audit !ta'ie!te: aria de a+i#a'iitate a audituui inter(au #aendari!ti#J re!ur!ee !i mana)ementu audituui
Strategia ofera indrumari referitoare la elaorarea unui plan de audit.
N%#.,. '%SC,.,% $aim $oderat $inim
N%#.,. '%SC,.,% $aim $oderat $inim
Riscul accesului fiic D#SC'%#'#
Statiie de u#ru !i #eeate re!ur!e infrmatinae !unt a##e!i'ie tuturr +er!aner #are au a##e! in !ediu intre+rinderii Re!ur!ee infrmatinae !unt #aiate in 'irurie in #areB in md nrmaB +er!anee din afara r)aniatiei nu au a##e! Re!ur!ee infrmatinae !unt #aiate in ne in #are ni#i +er!ana autriata nu are a##e!
Riscurile asociate retelei D#SC'%#'#
Si!temu IT utiieaa #muni#atii +rin #ne=iuni a retee +u'i#eB de e=$ Internet Si!temu IT utiieaa retea +ri(ata +entru #muni#atii Si!temu IT nu e!te #ne#tat a retee e=terne
(CC#S F%9%C $aim $oderat $inim
"atricea riscului accesiilitati generale (CC#S '#( $aim $oderat Ma=im Ma=im Ma=im Mderat Mderat Minim
$inim Mderat Minim Minim
C:#S&%ON(' pentru evaluarea sistemului informatic
D(
%&
N,
OBS#'(&%%
N'" (" %nfrastructura )ard;are < soft;are Cre!+und ti+u !i dimen!iunea !i!temuui !i a+i#atiir ne#e!itatir in!titutiei Dtarea 4ardare !i !ftare e!te 2 !ufi#ienta Si!temu !i a+i#atiie !unt admini!trate * #re!+unatr A!i!tenta te4ni#a aferenta e#4i+amenter !i a+i#atiir e!te #re!+unatare
@ @ @ @
B" ,tilizare < Functionalitate 5
Cum a+re#iati a+i#atiie din +un#t de (edere a difi#utatii utiiarii a#e!tra
/
Cn!iderati #a tim+u de +reuare !ia redu!
4 = >
0
2 *
A+i#atiie utiiate du# a diminuarea numaruui de erri Sunt e(itate +araei!mee Se +t furnia infrmatii mai ra+id #atre #ndu#ere E=i!ta #erinte !u+imentare fre#(ente nea#+erite de a+i#atiie afate in e=+atare Cn!iderati +rtuna e=tinderea fa#iitatir a+i#atiir anaiate !au reaiarea unr a+i#atii ni A+i#atiie refe#ta in md #re!+unatr +re(ederie e)ae
MEDIU IN COMPARATIE CU FACTURILE TIPIATE MAI ALES LA CALCULE
@ @ @
DEOARECE TOTUL ESTE ELECTRONIC
@
@
@ @
Sunt a#e!tea a#tuaiate in tim+ uti
DACA SUNTEM CONECTATI LA INTERNET
@
C" %nstruire utilizatori -
Cum a+re#iati #aitatea d#umentatiei te4ni#e E!te ea !ufi#ientaB utiaB a#+eritareBa#tuaiata
5
Temati#a +ri(ind in!truirea utiiatrirB infrmati#ieni !i neinfrmati#ieniB a f!t !ufi#ienta
@
@
%7
PROGRAMUL SE ACTUALIEAA DE FIECARE DATA MULTE LUCRURI CARE NU SUNT E@PLICATE SUFICIENT
/ 4
Au a+arut ne#e!itati !u+imentare e)ate de +re)atirea +er!nauui A f!t #n!tatata #re!tere a +erfrmantei +er!nauui
@ @
D" (preciere generala =
>
20
2
22
Se reaieaa redu#ere a #!turir 3#n!uma'ieB #4etuiei +!tae et#$5B #a urmare a im+ementarii a+i#atiir Ofera !i!temu fa#iitati de (erifi#are ra+ida a #ntri'ua'iir ina#ti(i Sunt a#e!tia (erifi#ati +eridi# !i de #atre #ine Permite !i!temu e(identierea #ntri'ua'iir #are nu de+un de#aratiie #nfrm mduui in #are au f!t inre)i!trati Dar a #er #are nu>!i a#4ita 'i)atiie Da#a daB +re#iati +r#entu a#e!tra fata de numaru tta a #ntri'ua'iir inre)i!trati$ Cn!iderati #a a+i#atiie #ntri'uie a im'unatatirea a#ti(itatii in!titutiei
%%
@ PUTEM FACE ACEST LUCRU PRIN ERIFICAREA TERMENELOR DE PLATA
@
@
@
@
Concluzii despre sistemul informatic A4ATA5& : ⊕ A(em nmen#atare +entru +rdu!e !i +entru #ienti !i nu tre'uie !a intrdu#em ⊕
de fie#are data datee a#e!tra Cand adau)am un +rdu! !au un #ient nu !untem intre'ati da#a (rem !a i
⊕
adau)am in nmen#atr Cand intrdu#em in nmen#atru de #ienti un #ient nu e!te de a*un! !a intrdu#em CIF !i !a a+a!am 'utnu md autmat 3a#tuaiate a i5
!i datee a#e!tuia !e (r intrdu#e in
$&6A4ATA5& : ⊗ Nmen#ataree nu !e +t im+rta dintr>un fi!ier e=terir 3e=#eB rdB et#$5 ⊗ Nu +utem (edea #ate d#umente a emi! fie#are an)a*at 3!eriie !i numeree ⊗
mer) in #ntinuare indiferent de +er!ana #are int#me!te d#umentu5 D#umentee +t fi mdifi#ate ri#and !i de ri#ine fara a !e (edea a#e!t u#ru unde(a
C!CLU6'& : In #n#uie +r)ramu de fa#turare Smart ,i Standard 72&7B Si!temu Infrmati# +entru #are a f!t efe#tuat AudituB e!te uti dar e!te re#mandat !a fie f!it mai mut in firme mi#i 3ma=$ &2 an)a*ati5 !i mai +utin in firme mi*#ii !i mari !i de +referat !a fie !in)ura +er!ana #are !a i utiiee +entru a nu e=i!ta mdifi#ari nedrite de #atre anumita +er!ana in dre+tu ateia$
%6