audgfmis new 2 ' 4. [ b + ! ' 2 ! @ i 2 1 d...

ก�� GFMIS:

��ก��

��. ��

�� GFMIS

Operating System SAP R/3 (GFMIS)

MIS(��%��%&'())MIS - BW SEM

PO��FM CO

FI��ก��!�"��#��ก��!�"��#��

BISBIS'�� ('�� (..

DPISDPIS'�� ก,'�� ก,..

ee--Procurement Procurement '��ก� ��ก#��'��ก� ��ก#��(e-catalog,e-shopping list ee--Auction)Auction)

e-Payroll , e-Pension'��ก� ��ก#��

AFMIS'��B��ก��

��FM

��(�� C��(�� C HR

��,F�ก��G#��,F�ก��G#

��G��G�

��ก��!�"��#��ก��!�"��#��.�ก��01�2.�ก��01�2

RPRP ��3�45&6�%7'8&��3�45&6�%7'8&APAP ��'�8ก97�2��'�8ก97�2

CM CM ��8;��'8&%0��8;��'8&%0FAFA ��%8&(�3�2<=��%8&(�3�2<=��GLGL ��3?@A42ก.�'�(��3?@A42ก.�'�(

ก��!�H

1. Review of Organization’s

Policies, Practices, and Structure

2. Review General

4. Perform Test of Controls

7. Perform Substantive Tests

Audit Planning Tests of Controls Substantive Testing

2. Review General controls and Application

Controls

3. Plan Tests of Controls and Substantive

Testing Procedure

5. Evaluate Test Results

6. Determine Degree of Reliance

on Controls

8. Evaluate Results and Issue

Auditor’s Report

9.Audit Report

* Information Systems Auditing and Assurance by James A.Hall

ก��(��! "�ก��G �FI�

1. �K�B� �ก��G �FI��L!,�F�,�M��N B

(Adequate controls)

2. �K�B�ก��G �FI��L �� (��"�R"S#M��N B

(Control effectiveness)

Control Matrix

Errors

Controls

Control MatrixControl Matrix

�� ,��RV��M�B��ก��G �FI�ก��#�ก��I�ก��

W��X��ก��G �FI�!'� �'Y� SK��Z�ก��ก��G !,�L��K�B�ก��

��Z�ก��ก��G !,�L��K�B�ก��G �(��"�R"S# �[L�W��!(\��"�กY�� W#�ก��!��M��N��

!��"ก��I�� ,"�!��V�B�FI�ก��Computer-Assisted Auditing Tools and

Techniques (CAATTs)

��L�"F I��ก��L�N( N��กB

- Test Data ก��ก��G

- Generalized Audit Software (GAS)

X(��ก� �Z�!�Y��K(�Z�M��ก��L�N(

I��Z�M��ก��!��M��

� � ��L!ก�LF�'��ก�� IT Audit

a � � SK��G��MB��M��! �"ก� American Institute of Certified Public Accountants, Inc. (AICPA) http://www. aicpa.org

(AICPA) http://www. aicpa.org

a � � SK��FI� (Institute of Internal Auditors-- IIA) http://www. theiia.org

Control framework for ERP Environment

Program Interface/Data Conversion Integrity

Design and implement controls for one-time conversions and ongoing interfaces.

1. Legacy system security2. Interface3. Conversion

Hardware

Operating system

IS Policies/Procedures Technology Integrity1. System security2. Monitoring3. Change management4. Scheduling5. Backup recovery6. Disaster recovery

Business Process Integrity1. Business Risk2. Control objective3. Control requirements

Business P

rocesses

Project ManagementChange management and project disciplines

Remote Access-Certification (PKI) Encryption, etc. F

all Database

ERP Application

3. Control requirements4. Control techniques5. Type of control

Application Security1. Security requirements2. Security design

3. Security configuration (DEV & PRD)

4. Administration procedures development

Business P

rocesses

SAP R/3 Audit Layers

Database systems

(IT) Organization and Business Departments

SAP R/3 Basis System

Single Module

IT Audit and

Physical and Organizational Situation in the IT Environment

Network and Communication Systems

Operating System

Database systemsIT basicsecurity

*Introduction to the SAP R/3 System focusing on audit aspects By Roger Odenthal

.�'�(��ก��B��BC��2D&%6�;�3�� SAP

a ก��G X�F�"R�(e"��"�� (Manual / procedural controls)f กZ�M��XF��Fก��(e"��"��#��!��F�(e"��"

a ก��G X�F��(e"��"�� (Inherent controls)

a ก��G X�Fก��กZ�M��B�ก��Z��'�� (Configuration controls)

a ก��G ก��!'��W[�'�� K# (Logical access controls)

f ก��กZ�M��"�R"ก��!'��W[�'�� K#f ก��กZ�M��ก��B��FกM��LI�� (Segregation of duties)

a ก��G X�Fก��I��F�� (Reporting Controls)f ��F��Fก��S"�(ก�"

Inherent ControlsInherent Controls

•• Duplicate checks through Duplicate checks through

message controlmessage control

•• Sequential documents thorugh Sequential documents thorugh number rangesnumber ranges

•• Automatic integration and Automatic integration and

Configuration ControlsConfiguration Controls

•• Edit CheckEdit Check

•• Data Entry ValidationsData Entry Validations•• Document BlockingDocument Blocking•• Tolerance LevelsTolerance Levels•• Authorization GroupsAuthorization Groups

Inherent & Configurable Controls

•• Automatic integration and Automatic integration and postingspostings

•• All transactions through unique All transactions through unique documentsdocuments

•• History of transactions History of transactions executed by users retained executed by users retained including date, time and userincluding date, time and user

•• Logging and history of program Logging and history of program changeschanges

•• Payment BlockingPayment Blocking•• Document TypesDocument Types•• User defined Error / Warning User defined Error / Warning

MessagesMessages•• Automatic Posting with Automatic Posting with

predefined posting keyspredefined posting keys•• Reason CodesReason Codes•• Predefined Master DataPredefined Master Data•• SAP WorkflowSAP Workflow•• Mandatory and/or System Mandatory and/or System

populated fieldspopulated fields

aa ��ก�� ก�� SAPSAP �� M#�กก��(��! "�� !��LF� �� M#�กก��(��! "�� !��LF� (Risk(Risk--based Audit based Audit Approach)Approach) (��ก��F(��ก��Fff ก��Z�� !'��I�ก��ก��Z��'��ก��Z�� !'��I�ก��ก��Z��'�� SAP SAP (Gaining an understanding)(Gaining an understanding)

ff ก��(��! "�� !��LF�'�� ก��(��! "�� !��LF�'�� (Identifying the significant risks)(Identifying the significant risks)aa Business Process ControlsBusiness Process Controlsaa Application SecurityApplication Security

4&�(�ก��I��9%�� SAP

aa Application SecurityApplication Securityaa Program InterfaceProgram Interfaceaa Master Data MaintenanceMaster Data Maintenance

ff ก��(��! "��ก��G '�� ก��(��! "��ก��G '�� (Determining key controls)(Determining key controls)aa Manual / Procedure ControlsManual / Procedure Controlsaa Inherent ControlsInherent Controlsaa Configuration ControlsConfiguration Controlsaa Logical Access ControlsLogical Access Controlsaa Reporting ControlsReporting Controls

ff ก��ก��G �#�ก��(��! "�� !,�F�,�'��ก��G ก��ก��G �#�ก��(��! "�� !,�F�,�'��ก��G (Testing (Testing those controls to confirm their adequacy)those controls to confirm their adequacy)

��ก�� SAP R/3 ��

Business Cycles

�,�� RG�ก"�'�� SAP R/3

Creating Customer Creating Customer RelationshipRelationship

Sales QuotationSales Quotation

Sales OrderSales Order

Goods IssueGoods Issue

Material Material Requirement Requirement

PlanningPlanning

Creating Vendor Creating Vendor RelationshipRelationship

Purchase Purchase RequisitionRequisition

Purchase OrderPurchase Order

Creating Creating Production OrderProduction Order

Producing Producing InventoryInventory

Handling Finished Handling Finished GoodsGoods

Raw Materials Raw Materials ManagementManagement

ProductionProduction

Delivery NoteDelivery Note

InvoiceInvoice

Account Account ReceivableReceivable

CollectionCollection

Goods ReceiptGoods Receipt

Invoice Invoice VerificationVerification

Accounts PayableAccounts Payable

PaymentPaymentReportingReporting

RevenueRevenue ExpenditureExpenditure

, figure 4.4 Core Business Cycles

Book: Security , Audit and Control Features SAP R/3, 2nd Edition

Linking Audit Cycles to SAP Modules

Audit Business Cycles

Financial Accounting

Treasury

Fixed Assets

Financial Applications

Logistics Applications

SAP Module Functional CategorySAP Module Functional Category

Expenditures

Revenues

Inventory management

Payroll and Personnel

Basis Component

Cross Applications

Industry Solutions

Logistics Applications

Human Resources

, figure 4.3 Linking Audit Cycles to SAP Modules

Expenditure Business Cycle

Requisition

Purchase Officer Enters Purchase

Vendor

Purchaser/Receiving Department

Invoice

Vendor Invoice

AP Clerk Input

EFT Payment Registered

EFT ApprovalUNMATCHEDUNMATCHED

11. Purchases. Purchases 22. Goods Receipt. Goods Receipt 33. Invoice Processing. Invoice Processing 44. Payment. Payment

PO Release

Purchase Order

Input Receiving Information

Purchaser/Receiving Department

Reconcile Officer

AP supervisor

EFT File

Bank Reconciliation

SAP Expenditure Business Cycle�� W��B�!(\� 4 �B��

1. Master data maintenance– Vendor master data– Material master data– Vendor pricing information

2. Purchasing– Purchase requisition

RisksRisksก��"!��MV�� !��LF�'��ก��"!��MV�� !��LF�'��

Key ControlsKey Controlsก��G ��L�Z��ก��G ��L�Z��

– Purchase requisition– Request for Quotation (RFQ)– Purchase Order– Contract / Scheduling agreement– Release procedure (Release strategy)– Goods Receipts ( GR)

3. Invoice Processing– Invoice Verification– Three-way match process; Purchase

Order, Goods Receipts and Invoice

4. Processing Disbursements

ก��G ��L�Z��ก��G ��L�Z��

Testing TechniquesTesting Techniques!��"ก��!��"ก��

SAP R/3 Expenditures Business Cycle

1. Master data maintenance

2. Purchasing

3. Invoice

Expenditures Cycle

Processing

Risksก��8'B��;<B��'%AN2��&

Key Controlsก��B��BC�(AN%6�B3?

Testing Techniques'(B&8Bก��I��9%��

ก��I��9%�� SAP R/3

Master Data Maintenance

• Master Data Maintenance Risks�� !��LF��L!ก"��กก��M��ก�N''�� K# Vendor Master

1. (i�M�ก��M��ก��ก�N''�� K# Vendor Master ��LN BWKก�� Z�IM�!ก"�� !��LF� N��กB ก��L��"��ก Vendor ��LN BN��

��Z�IM�!ก"�� !��LF� N��กB ก��L��"��ก Vendor ��LN BN��G��, ก��B�F!�"�B��"�� #� discount terms N BWKก��

2. '�� K# Vendor Master N B!(\�(i��G��• '�� K#'�� Vendor �ก��!(#�LF��(#��BF��N BN��ก�N'I��• I�� Vendor ��LN B �ก��!#�L��NM��FKB!(\��Z�� ก

• �G��G ��L�Z��I�!��L��ก��M��ก�N''�� K# Vendor Master1. (i�M�ก��M��ก��ก�N''�� K# Vendor Master ��LN BWKก��

Key Controls O014ก7 :

- IM� �ก��F��ก��!(#�LF��(#�'�� K# Vendor Master �FKB!� �

-กZ�M��SK��S"��I�ก��M��ก�N''�� K#IM�!M ��

-ก��กZ�M��B��G I�� (Configure) ��IM�!M �� ก��ก#GB '�� Vendor Master ��L �

Master Data Maintenance Key Controls

-ก��กZ�M��B��G I�� (Configure) ��IM�!M �� ก��ก#GB '�� Vendor Master ��L �� ก�B��ก��F

2. '�� K# Vendor Master N B!(\�(i��G��

Key Controls O014ก7 :

- IM� �ก��ก��!(#�LF��(#�'�� K# Vendor Master �#�(��(�G�'�� K#��L�FKBI��IM�!(\�(i��G��FKB!� �

Master Data Maintenance • !��"ก�� Vendor Master

1. ��ก��F��ก��!(#�LF��(#�/�ก�N''�� K# Vendor Master(Program RFKABL00)

2. �� User access authorization I�ก��!(#�LF��(#�/�ก�N''�� K#

Vendor Master �B�!(\�N(�� XF��F��"j��M��N B

3. ��ก��กZ�M��B��G I�� (Configurable Control settings)

IM� �� #��ก��ก#GB '�� Vendor Master �[L��ก��ก��G ��L �� ก�B��ก��

4. �� Z��'��'�� K# - Extract '�� K# Vendor Master ��ก Table LFA1

5. ��M#�ก��ก��G ��"��กSK� ��Z��I�ก�� Vendor Master I�� (Program RFKKVZ00)

2. Purchasing

3. Invoice

Expenditures Cycle

Processing

Risksก��8'B��;<B��'%AN2��&

ก��I��9%�� SAP R/3

Purchasing Risk

�� !��LF�'��ก��

1. (i�M�ก��I�B'�� K# �#�ก��ก�N''�� K# Purchasing N BWKก�� Z�IM�!ก"�� !��LF� N��กB ก��N��"��N BWKก��, N B��!�#� �� W[�

ก��LN BN��ก��G ��"��LWKก�� (Release Strategy)

2. ก��"��LN B��ก��I��L��

�Z��"�� #�/M�� "��"�� N B��ก��I��L��

3. ก��B��"��IM� Supplier #B�� M��N B!(\�N(�� กZ�M��!�#�

Purchasing Key Controls1. (i�M�ก��I�B'�� K# �#�ก��ก�N''�� K# PurchasingKey Controls N��กB :

- �Z�ก��SK��S"��I�ก��,�ก�N''�� K# �#�ก��Fก!#"กก��

- กZ�M�� Source list of Material �� Vendor approval list

- I�� SAP R/3 Release Strategy

2. ก��"��LN B��ก��I��L��

2. ก��"��LN B��ก��I��L��Key Controls N��กB :

- ��ก��F��ก��"��LS"�(ก�" !�B� ��Fก��"��LN B �I��L��

- �Z�ก��SK��S"��I�ก��(k��'�� K#, ก��ก�N' M��ก��Fก!#"ก��Fก��"��

3. ก��B��"��IM� Supplier #B�� M��N B!(\�N(�� กZ�M��!�#�Key Controls N��กB :

- ��ก��ก��B��"�� #��F��ก��B��"��ก��Page 125

Purchasing Testing Techniques

• !��"ก��ก��I��

1. �� User access to PR/PO transaction �B�!(\�N(�� XF��F��"j��M��N B

2. �� Approval source list of materials and Approval Vendor

3. ��ก��กZ�M��B��G I�� (Configurable Control settings) I�ก��

กZ�M�� Release Strategy �� W[�ก��IM�!(\�N(�� XF��F��"j��F

4. ก��F��L��#�!M�GS#'�� Vendor ��L �ก��B�F!�"�!(\�!�#��

(Program RM06EM00)

5. ��Fก��"��L��B�� Vendor

(Transaction MB51; specify Storage location & movement type)

2. Purchasing

3. Invoice

Expenditures Cycle

Processing

Risksก��8'B��;<B��'%AN2��&

ก��I��9%�� SAP R/3

Invoice Processing Risk

• �� !��LF�'��ก��M��B��"��/��"ก��

1. �Z��!�"��L��[ก!(\�!��M�� N B!(\�N(�� Z��"��M��"ก��L��"j��N��

2. �Z��!�"��L��[กN BWKก�� M��[กN B�� !�#�

3. I�#�M��M��Fก��(��(�G� ��[กN BWKก�� M��[กN B��

��!�#�Page 127

Invoice Processing Key Controls1. �Z��!�"��L��[ก!(\�!��M�� N B!(\�N(�� Z��"��M��"ก��L��"j��N��

Key Controls N��กB :

- �Z�ก��SK��S"��I�ก�� input '�� K#, ก��ก�N', ก��Fก!#"ก M��ก��G ��"�B�F!�"� X�FSK��Z�M��L��ก#B��N B��!(\��!��F�ก��ก��SK��L��กI��L�� (PO) �#�/M��SK��L�Z�M��L��"�� (GR)

2. �Z��!�"��L��[กN BWKก�� M��[กN B�� !�#�Key Controls N��กB :

- กZ�M��B��G I�� (Configurable Control settings) > Three-way match

process; (Purchase Order, Goods Receipts and Invoice) and posting period control

- กZ�M��B��G I��Z�M��B� Tolerance limits �#�� GR/IR

- ��F��I��L��L!ก"�กZ�M��!�#��FB�� LZ�!� �

- �Z�ก��SK��S"��I�ก��[ก Exchange rate

3. I�#�M��M��Fก��(��(�G� ��[กN BWKก�� M��[กN B�� !�#�Key Controls N��กB :

- �Z�ก��SK��S"��I�ก�� input '�� K#, ก��ก�N', ก��Fก!#"ก M��ก��G ��"I�#�M��B��"��

Invoice Processing Testing Techniques

1.�� User access authorization – Invoice Processing2. ��ก��กZ�M��B� GR/IR control indicator (globally required)

3. ��ก��กZ�M��B��G I�� (Configurable Control settings) �Z�M��B�

Tolerance limits �#� Message control X�F�� W[�ก��IM�!(\�N(��

�XF��F��"j��F

4. ก��F��!M#��'�� GR/IR (Program RM06EM00)

5. ��F��I��L��L!ก"�กZ�M��!�#� (PO Outstanding) – Program

RM06EM00

6. ��F��ก��ก�N' Exchange rate

2. Purchasing

3. Invoice

Expenditures Cycle

Processing

Risksก��8'B��;<B��'%AN2��&

ก��I��9%�� SAP R/3

Processing Disbursement Risks

• �� !��LF�'��ก��B�F!�"�B��"��/��"ก�� N��กB

1. ก��G ��"�B�F!�"�IM�ก��!��M��LN B ��

2. �Z��!�"��L�B�FN BWKก�� M��B�F!�"�X�FF��N BN��"��

3. ก��B�F!�"�X�FM#�ก!#�LF�ก��[ก!'��

Processing Disbursement Key controls

• �G��G ��L�Z��!��L�� Invoice Processing

1. �Z�ก��SK��S"��I�ก��Z� Payment run I��

�� ก��Z�ก��SK��S"��I�ก��ก�N'ก��Z��Fก��B�F!�"�I�� (Payment

�� ก��Z�ก��SK��S"��I�ก��ก�N'ก��Z��Fก��B�F!�"�I�� (Payment run parameter) M��Z�ก��Z��L�� W�Z��Fก��B�F!�"�I��N��

2. �Z�ก��SK��S"��I�ก�� Release blocked invoice

�� ก��กZ�M��/�Z�ก��SK��L�� W(#� lock ก��B�F!�"��Z�M�� invoice ��LWKก

block for payment N�� ก��(#� lock !(\��F invoice �#��F

vendorPage 129

Processing Disbursement Testing Techniques

1. �� User access authorization – Invoice Processing

– Automatic Payments Transactions

– Parameters for Payment

– Payment with printout

2. �� User access authorization – Release

invoices

– Change document

– Change line items

– Block/unblock vendor

ก��ก��B��FกM��L

ก��B��FกM��L�� W#�X�ก��'��ก��!ก"�'��S"�,#��I�ก��(e"��"��X�F��B��Fกก��ก��Z��N(F��G#��L�B��ก��I��B#��B��!�#�'��ก��ก�� X�F(ก�"��B��FกX�F

aApproval (RA)

aCustody (AA)

aRecording / Transaction processing (TP)

aControl (CO)

�Z�M�� ERP �#� �ก��B��FกM��L��ก��"�M�[L��

a Access to master data maintenance (MD)

ก��ก�� ก��

��ก�� transaction code ��ก�� !

��1��R5%��%&'()'�SN�ก��I��9%��& SAP (AIS)

Audit Information SystemAudit Information System (AIS)(AIS) !(\��!(\��'�� K#��!�H!,�L�ก�� '�� K#��!�H!,�L�ก�� SAPSAP �#�!(\�!��L�� Z�M��SK��L��I��I�ก��#�!(\�!��L�� Z�M��SK��L��I��I�ก��"�� #��ก��G �FI�'��"�� #��ก��G �FI�'��(Inherent Control & Configuration Control)(Inherent Control & Configuration Control)

AIS AIS (��ก��F (��ก��F

AIS AIS (��ก��F (��ก��F 11. . !��L�� ก�� !��L�� ก�� ((System Audit)System Audit)

-- System configurationSystem configuration-- System logs and status displaysSystem logs and status displays-- Development / customizingDevelopment / customizing

22. . !��L�� ก��Fก��RG�ก"� !��L�� ก��Fก��RG�ก"� ((Business Business Audit)Audit)

-- Organization overviewOrganization overview-- Financial statement Financial statement ––oriented auditoriented audit-- ProcessProcess--originated auditoriginated audit

ก�� GFMIS

��

ก��G ��L�N(

ก��G ��L�N((General Controls)

��F

3. �� M �F�#��WG(��V'��ก��G ��L�N(I��!�H

ก��B��BC�(3N�O. ;��2=T ก��B��BC�D&%7�&(AN'กAN2��1�ก3�%��4�051��ก��B��BC��2D& &U2��245�8VAก��D&ก��B��BC��%��%&'() ก��B��BC�B��.5�0�32 ก��B��BC�ก��3W&�45.�3�.�C 45ก��.X�ก3&/50B��'%A2;�2�� '.Y&ก��B��BC��2D&%6�;�3��B<ก��;�S�B��

50B��'%A2;�2�� '.Y&ก��B��BC��2D&%6�;�3��B<ก��;�S�B��AD&(Cก Z %7�&��%��%&'()

'�SN�D;1'ก80B��3N&D9�7��B��8�'I��<U02��B<ก��AB��'%=A2� �Aก��930ก��(AN0A 45'.Y&%7�&;&TN(AN9ก7�D;1'ก80�R�[��

4. ก��G ��L�N(I��!�H

4.1 ก��ก6�;&0&U2��2D&ก��D@1%��%&'()4.2 ก��4�742ก;&1�(AN�&D&��%��%&'()

4.3 ก��B��BC�UB�ก��3W&��%��%&'()

4.4 ก��B��BC�ก��'.5AN2&4.54ก1O��

4.5 ก��B��BC�ก��.`8�3I8�&D&)R&2<B��8�'I��<

4.6 ก��B��BC�ก��'�1�=T�C.ก�[<B��8�'I��<

4.7 ก��B��BC�ก��'�1�=T�1��R545(�3�2�ก�%��%&'()

ก��G ��L�N(I��!�H (�B�)

4.8 ก��B��BC�'�1�=T��&4.9 ก��B��BC�ก��930'กd��1��R5

4.10 ก��B��BC�ก��%SN�%��1��R5

4.11 ก��ก6�;&0��I�g�&��'�ก%��%��%&'()

4.12 ก��50B��'%A2;�2(AN��9'ก80�Th&ก3��B��8�'I��<

4.13 ก��4i&กK��ก�F,"��"

4.1 ก��กZ�M��XF��F��!�H

��XF��F��L��!��B�I��ก��!'��W[�'�� K#��N� ! �L�NM�B I��I�

ก��IM��"�R"I�ก��!'��W[��I��M#�ก mneed to known

4.2 ก��B��FกM��L��I��!�Ha ��B��FกM��L�� S"��'��SK�(e"��"�� ,"�!��VIM��!��

f ��"!��MV�� (System Analysis)

f ��!'�F�X(��ก� (Programming)

f ��(e"��"ก�� ,"�!��V (Computer Operation)

f ��'��SK�I�� (User)

f ��C��กjV�� (System Library)

f ��G '�� K# (Data Control)

4.3 ก��G X��ก��,�p��!�H

a �S�� B��F�F��

a �S��,�p��

a กZ�M��ก��(�� #S#'�� K#

a ก�� M �FM��L�#�� S"��

a ก��(��! "�S#��M�B��ก��Z�!�"�X��ก��

a ก��FM#��ก��"��#��Z�� I��

a ก��S#ก��Z�!�"��'��

4.4 ก��G ก��!(#�LF��(#��ก�N'��

• ก��กZ�M��!��F��"R�(e"��"I�ก��ก�N'��L!(\�#�F#�กjCV��กj�

a �ก��H[กj�W[�S#ก��B�� q

a �ก��L�ก�N'�#��กB��Z�N(I��

a ��Z�!�ก��KB ��(��ก��ก��ก�N'

a (��! "�S#�#��FM#��!�"L I��

4.5 ก��G ก��!'��W[�'�� K#�#��,F�ก��!�H

• ก��(�� #S#��

a ก��Z��'�� K#

a ก��ก��(i�M�'��

4.6 ก��G !'��W[��G(ก�CV� ,"�!��V

• �W��L "��"�a �ก��กj�� (#��FM��B�a !'��กN��!r,��SK�!ก�LF�'��a กZ�M��XF��F��กj�� (#��F��L��!��

a กZ�M��XF��F��กj�� (#��F��L��!��a �"��!��Fก�C� �SK��Gก�Gกa �Z�ก��IM�I��X��H�,�V!r,��!��L��L!ก�LF�ก�� a �"��G(ก�CV(k��ก��!��L�� ,"�!��Va ��G ��,��#�� I�ก��Z��

4.7 ก��G ก��!'��W[�'�� K#�#��,F�ก��!�H

a ��H��'��SK�I�� (User Views or Subschema)

a ��ก��G��"IM�!'��W[��'�� K# (Database Authorization Table)

a ก��!'��M��'�� K# (Data Encryption)

a ก��G ก��G ��'�� K# (Inference Controls)

4.8 ก��G ก��!'��W[��

a ก�� !�Y��"� (Authentication)

f �M��SB�� (Password)

f ก��G��F�B��L ��ก�F�, (Physical Possession Identification)

f ก��G��FB��, (Biometric Identification)

a ก��กZ�M��"�R" (Authorization)

a ก��[กก"�ก�� B�� q I��!,�L�ก�� (Audit Log)

4.9 ก��G ก��!กY�'�� K#

a �B��Fก��

a M�� G��tk '�� K#

• Label (external and internal )

4.10 ก��G ก��L��'�� K#

• Encryption• Callback system• Parity bit

4.11 ก��กZ�M�� !�ก��!�H

• ก��Z�!�ก��ก��"M��

a ก��Z�!�ก��

a ก��Z�!�ก��(��ก��ก��(e"��"ก��

4.12 ก��#�� !��FM�F��L��!ก"�'[��ก�� ,"�!��V

• ก��Z��G��กj�I�!�"�(k��ก�� (Preventive Maintenance)a �G(ก�CVNttk��Z�� (Uninterrupted Power Supply)

a ��L��B�� ก,�B�� (Fault Tolerant)

4.13 ก��S�กK��ก�F,"��"

�S�� W[�a Backup files, facilities, and stationery

a ก��#Z�� Z��'��L��กK�กB��

a ก��กZ�M�� L��S"��ก��กK��

a ก��uvก�� ก��กK��

�� !��LF��กก��'��ก��G ��L�N(��L��

a �,�� '��ก��G �FI�'��(��"�R"�,

a '�� K#M��X(��ก� ��!ก"�� !��FM�F

a '�� K#M��X(��ก� �� ก��Z�N(I��X�FN BN��

a '�� K#M��X(��ก� �� ก��Z�N(I��X�FN BN��G��

a ��MFG��ก

Questions

Answers

audgfmis new 2 ' 4. [ b + ! ' 2 ! @ i 2 1 d...

Documents

the metal layers

pengembangan perangkat identifikasi mutu fisik … · built...

trilaminary disc layers

organización layers autocad

osi 7 layers

findings from the 2008 national profile of local health...

(tratamento imagens) layers

แบบคําสังบรรจุ...

adobe photoshop cs layers adobe photoshop cs rui dias layers

posa1 layers

findings from the 2008 national profile of local health...

between layers

open layers pt_br

leccion 5 layers

layers civil3d

layers 2016 by alexis rassel

garment industry departments and workings

osi reference model 7 layers

iso-osi 7 layers

higuera - manual open layers