ABSTRACT
A database is a repository for data, both between and during processing. In traditional business systems, transactions constitute an organization’s data. Data management functions that were performed by application programmers in non-database systems may be performed by people independently of the application project team. Therefore, the application project team, and thus the user, must rely on the integrity of data managed by others. A more sophisticated database can involve multiple users. A loss of integrity in this type of database environment can be catastrophic to the organization as a whole. Before conducting an internal control review, the auditor must understand the control environment in which the database operates. Such an understanding is also helpful in conducting tests of the control environment. The center of the control environment is the data base management systems. As the name implies, it manages the environment, as opposed to reading and writing data to the database.
