Application controls in information technology

Application controls are transactions and data relating to each computer-based application system and are specific to each application. The objectives of application controls, which may be manual or programmed, are to ensure the completeness and accuracy of the records and the validity of the entries made therein.
Several types of application controls exist. These include:
Input controls – these controls are used mainly to check the integrity of data entered into a business application, whether the data is entered directly by staff, remotely by a business partner, or through a Web-enabled application or interface. Data input is checked to ensure that it remains within specified parameters.
Processing controls – these controls provide an automated means to ensure processing is complete, accurate, and authorized.
Output controls – these controls address what is done with the data and should compare output results with the intended result by checking the output against the input.
Integrity controls – these controls monitor data being processed and in storage to ensure it remains consistent and correct.
Management trail – processing history controls, often referred to as an audit trail, enables management to identify the transactions and events they record by tracking transactions from their source to their output and by tracing backward. These controls also monitor the effectiveness of other controls and identify errors as close as possible to their sources [Bellino, Hunt, Wells, p. 2].

Additional application control components include whether they are preventive or detective. Although both control types operate within an application based on programmed or configurable system logic, preventive controls perform as the name implies — that is, they prevent an error from occurring within an application. An example of a preventive control is an input data validation routine.

Sources:

Magee, K. (March 8, 2021). IT auditing and controls: A look at application controls. Infosec Resources. Retrieved from https://resources.infosecinstitute.com/topic/it-auditing-and-controls-a-look-at-application-controls;

Bellino, C., Wells, J., & Hunt, S. (2007). Global Technology Audit Guide: Volume 8. Auditing Application Controls. Lake Mary: The Institute of Internal Auditors (The IIA).