1 回答
The following aspects should be considered when determining risk and control measures:
在确定风险和控制措施时,应考虑以下方面:
· When is the pass / fail decision taken;什么时候做出通过/失败的决定。
If data acceptability decisions are taken before a record (raw data or processed result) is saved to permanent memory, there may be opportunity for the user to manipulate data to provide a satisfactory result, without this change being visible in audit trail. This would not be visible to the data reviewer.
如果在记录(原始数据或处理后的结果)被保存到永久内存之前就做出了数据可接受性的决定,那么用户可能有机会操作数据以提供一个满意的结果,而这种变化在审计跟踪中是不可见的。这对数据审查员来说是不可见的。
This is a particular consideration where computerised systems alert the user to an out of specification entry before the data entry process is complete (i.e. the user 'saves' the data entry), or saves the record in temporary memory.
如果计算机系统在数据输入过程完成前(即用户 "保存 "数据输入)就提醒用户有不符合规格的输入,或将记录保存在临时存储器中,这就是一个特别的考虑。