SAQA All qualifications and part qualifications registered on the National Qualifications Framework are public property. Thus the only payment that can be made for them is for service and reproduction. It is illegal to sell this material for profit. If the material is reproduced or quoted, the South African Qualifications Authority (SAQA) should be acknowledged as the source.
SOUTH AFRICAN QUALIFICATIONS AUTHORITY 
REGISTERED UNIT STANDARD THAT HAS PASSED THE END DATE: 

Identify, implement and manage Information System financial control strategy 
SAQA US ID UNIT STANDARD TITLE
12978  Identify, implement and manage Information System financial control strategy 
ORIGINATOR
SGB HET Accountancy and Financial Management 
PRIMARY OR DELEGATED QUALITY ASSURANCE FUNCTIONARY
FASSET - Financial and Accounting Services SETA 
FIELD SUBFIELD
Field 03 - Business, Commerce and Management Studies Finance, Economics and Accounting 
ABET BAND UNIT STANDARD TYPE PRE-2009 NQF LEVEL NQF LEVEL CREDITS
Undefined  Regular  Level 6  Level TBA: Pre-2009 was L6  12 
REGISTRATION STATUS REGISTRATION START DATE REGISTRATION END DATE SAQA DECISION NUMBER
Passed the End Date -
Status was "Reregistered" 
2018-07-01  2023-06-30  SAQA 06120/18 
LAST DATE FOR ENROLMENT LAST DATE FOR ACHIEVEMENT
2024-06-30   2027-06-30  

In all of the tables in this document, both the pre-2009 NQF Level and the NQF Level is shown. In the text (purpose statements, qualification rules, etc), any references to NQF Levels are to the pre-2009 levels unless specifically stated otherwise.  

This unit standard does not replace any other unit standard and is not replaced by any other unit standard. 

PURPOSE OF THE UNIT STANDARD 
People credited with this unit standard are generally found within the accounting field. On successful completion of the unit standard, people will be able to determine an effective Information System control strategy for a business entity and oversee its implementation. 

LEARNING ASSUMED TO BE IN PLACE AND RECOGNITION OF PRIOR LEARNING 
  • Unit standards for Basic Computer literacy at NQF level 5
  • Unit standard, Provide advice on controls appropriate in the information systems environment, NQF level 6 

  • UNIT STANDARD RANGE 
    Basic and complex businesses. 

    Specific Outcomes and Assessment Criteria: 

    SPECIFIC OUTCOME 1 
    Identify controls necessary in business cycles and their related Information System environments. 

    ASSESSMENT CRITERIA
     

    ASSESSMENT CRITERION 1 
    1. The objectives of control in business and related IS environments is explained in relation to risk, processing controls, IT audits, responsibilities and operational efficiency and effectiveness. 

    ASSESSMENT CRITERION 2 
    2. The reliability of financial reporting is described in line with control objectives in a business and IS environment. 

    ASSESSMENT CRITERION 3 
    3. Compliance with applicable laws and regulations relating to the business IS environment is explained to clients in a meaningful manner. 

    ASSESSMENT CRITERION 4 
    4. A framework for control in the business is determined in consultation with subject matter experts, and includes all aspects required for effective control of the IS environment. 

    SPECIFIC OUTCOME 2 
    Establish and evaluate the controls necessary for the information system implementation process. 

    ASSESSMENT CRITERIA
     

    ASSESSMENT CRITERION 1 
    1. The controls necessary for information systems developed in-house (e.g. management agreement for development, documentation, enforcement of standards, adequate testing, structure of programs (modularity)) are established and evaluated. 

    ASSESSMENT CRITERION 2 
    2. The controls necessary for acquired information systems (i.e. developed by a software house, off-the-shelf purchase) (e.g. appropriate license, development source known) are established and evaluated. 

    ASSESSMENT CRITERION 3 
    3. The data developed for, and the execution of user acceptance tests (e.g. all functions, range checks, invalid transactions) is evaluated. 

    ASSESSMENT CRITERION 4 
    4. The controls necessary for systems conversion (e.g. accuracy of data continuation of service) are established and evaluated. 

    SPECIFIC OUTCOME 3 
    Participate in the implementation of Information System controls. 

    ASSESSMENT CRITERIA
     

    ASSESSMENT CRITERION 1 
    1. Implementation involves preparation of the control environment in accordance with the culture and structure of the organisation. 

    ASSESSMENT CRITERION 2 
    2. Communication to all stakeholder regarding the IS control methodology and assignment of authority and responsibility is planned for and undertaken in line with stakeholder characteristics. 

    ASSESSMENT CRITERION 3 
    3. The documentation and application of system selection, acquisition and or development controls is ensured consistently. 

    ASSESSMENT CRITERION 4 
    4. System implementation controls are adhered to in relation to acceptance testing and system conversion methodologies. 

    ASSESSMENT CRITERION 5 
    5. Input is provided to system and programme change control design and implementation in line with quality control management techniques. 

    ASSESSMENT CRITERION 6 
    6. Participation in the implementation of risk assessment methodologies and applications is undertaken to ensure ongoing adherence. 

    SPECIFIC OUTCOME 4 
    Manage business cycle and Information System control strategies. 
    OUTCOME RANGE 
    Accounting system, Control procedures, Control design, Control over data and system integrity, Continuity of processing/ disaster recovery planning and control, IS processing/operations 

    ASSESSMENT CRITERIA
     

    ASSESSMENT CRITERION 1 
    1. Control activity establishment and monitored is ensured in accordance with quality management principles. 

    ASSESSMENT CRITERION 2 
    2. Control activity documentation in policy and procedure format is ensured through consultation with relevant stakeholders. 

    ASSESSMENT CRITERION 3 
    3. Control activities and compliance is monitored and evaluated in accordance with agreed upon quality mechanisms and in relation to the roles of management users, internal auditors and external auditors. 

    ASSESSMENT CRITERION 4 
    4. Appropriate feedback on quality management control activities is provided to all stakeholders on an ongoing basis. 

    SPECIFIC OUTCOME 5 
    Evaluate disaster recovery and contingency plans. 

    ASSESSMENT CRITERIA
     

    ASSESSMENT CRITERION 1 
    1. The steps in performing a risk-analysis (e.g. determine vulnerabilities, estimate likelihood of exploitation, compute expected loss) are defined. 

    ASSESSMENT CRITERION 2 
    2. An organisation's policy on security (e.g. goals, responsibilities, level of commitment to security) is evaluated. 

    ASSESSMENT CRITERION 3 
    3. The organisation's procedures for taking, storing and restoring backups of data and programs (e.g. grandfather-father-son, remote site) are evaluated. 

    ASSESSMENT CRITERION 4 
    4. An organisation's disaster-recovery procedural plan (e.g. steps to be taken for each type of disaster, responsibilities, frequency of tests, extent of tests, frequency of updates) is evaluated. 

    ASSESSMENT CRITERION 5 
    5. The measurements to be used to evaluate the effectiveness of the alternative processing facility (e.g. availability of critical applications and data, performance) are named. 

    ASSESSMENT CRITERION 6 
    6. The particular difficulties related to disaster recovery in the on-line environment (e.g. down-time, availability of data, response-times) are named. 


    UNIT STANDARD ACCREDITATION AND MODERATION OPTIONS 
    Accreditation for this unit standard shall be obtained from the relevant Education and Training Quality Assurance Body, through summative assessment by a registered assessor.

    Moderation activity comments by SGB's, organisations and individuals may be forwarded to NSB03. 

    UNIT STANDARD ESSENTIAL EMBEDDED KNOWLEDGE 
    A demonstrated understanding of:
  • Objectives of IS control
  • IS control frameworks
  • Acceptance testing and System conversion methodologies
  • Risk assessment methodologies and application
  • IS control activities
  • Monitoring of control compliance
  • Quality management techniques
  • Disaster recovery
  • Contingency planning

    Legal Requirements:
  • Laws and regulations relating to the prevention/ detection of fraud, error and illegal acts
  • Statutory sanctions relating to IS environments

    Terminology:
  • IS - Information systems
  • IT - Information technology 

  • UNIT STANDARD DEVELOPMENTAL OUTCOME 
    N/A 

    UNIT STANDARD LINKAGES 
    N/A 


    Critical Cross-field Outcomes (CCFO): 

    UNIT STANDARD CCFO IDENTIFYING 
    Identify and solve problems in which responses display that responsible decisions using critical and creative thinking have been made. 

    UNIT STANDARD CCFO WORKING 
    Work effectively with others as a member of a team, group, organisation and community. 

    UNIT STANDARD CCFO ORGANISING 
    Organise and manage oneself and one's activities responsibly and effectively. 

    UNIT STANDARD CCFO COLLECTING 
    Collect, organise and critically evaluate information. 

    UNIT STANDARD CCFO COMMUNICATING 
    Communicate effectively using visual, mathematical and language skills in the modes of oral and written presentations. 

    UNIT STANDARD CCFO SCIENCE 
    Use science and technology effectively and critically (showing responsibility towards the environment and health of others). 

    UNIT STANDARD CCFO DEMONSTRATING 
    Demonstrate an understanding of the world as a set of related systems. 

    UNIT STANDARD CCFO CONTRIBUTING 
    Be culturally and aesthetically sensitive across a range of social contexts. 

    UNIT STANDARD ASSESSOR CRITERIA 
    N/A 

    REREGISTRATION HISTORY 
    As per the SAQA Board decision/s at that time, this unit standard was Reregistered in 2012; 2015. 

    UNIT STANDARD NOTES 
    N/A 

    QUALIFICATIONS UTILISING THIS UNIT STANDARD: 
      ID QUALIFICATION TITLE PRE-2009 NQF LEVEL NQF LEVEL STATUS END DATE PRIMARY OR DELEGATED QA FUNCTIONARY
    Elective  67460   National Diploma: Public Administration  Level 6  NQF Level 06  Passed the End Date -
    Status was "Reregistered" 
    2023-06-30  As per Learning Programmes recorded against this Qual 


    PROVIDERS CURRENTLY ACCREDITED TO OFFER THIS UNIT STANDARD: 
    This information shows the current accreditations (i.e. those not past their accreditation end dates), and is the most complete record available to SAQA as of today. Some Primary or Delegated Quality Assurance Functionaries have a lag in their recording systems for provider accreditation, in turn leading to a lag in notifying SAQA of all the providers that they have accredited to offer qualifications and unit standards, as well as any extensions to accreditation end dates. The relevant Primary or Delegated Quality Assurance Functionary should be notified if a record appears to be missing from here.
     
    1. Pro-Active Public Services (Pty) Ltd 
    2. South Africa School of Diplomacy, Protocol and Public Administration 



    All qualifications and part qualifications registered on the National Qualifications Framework are public property. Thus the only payment that can be made for them is for service and reproduction. It is illegal to sell this material for profit. If the material is reproduced or quoted, the South African Qualifications Authority (SAQA) should be acknowledged as the source.