Risk of
unauthorized
accessed to
accounting
records and
reports
Accounting
information is at
risk to unauthorized
access from
outsiders as well as
exployees.
The motives of accessing
information include:
- Attempts to
penetrate fraud
- Theft of data
- Malicious acts
Physical
controls
ACCESS CONTROLS
Source documents and accounting
records
need
protected.
to
be
physically
SEGREGATION OF DUTIES
The
organization
should
be
structured that the perpetration
of
a
fraud
requires
collusion
between two or more individuals.
IT
controls
PASSWORDS
The organization should implement
a robust password control policy
to prevent unauthorized access
to computer files and programs
that reside in each departments.
MULTILEVEL SECURITY
The
organization
programmed
should
techniques
implement
that
a
permits
simultaneous access to a central system bt
many users with different access privileges,
but prevents them from obtaining information
for which they lack authorization.
Two common Method for multilevel security
Access Control List - this method assigns
privilege to directly to individuals.
Role-based
Access
Control
-
involves
creating standard tasks called roles. Each
role is assigned access privileges.
Point-of-sale
Systems
Daily Procedure
- The Universal Product Code (UPC) is a label containing price
information
(and
other
data)
that
is
attached
to
purchased in a point of sale system.
- When all the UPCs are scanned, the system automatically
calculates taxes, discounts, and the total for the
transaction.
items
Daily Procedure
- The clerk enters the transaction into the POS system via
the register’s keypad, and a record of the sale is added to
the sales journal in real time.
- At the end of the clerk’s shift, a supervisor unlocks the
register and retrieves the internal tape.
End-Of-Day Procedure
- The cash receipts clerk prepares at three part deposit slip for
the total amount of the cash received.
-One copy is filed and the other two accompany the cash
to the bank.
-Because cash is involved, armed guards are often used to
escort the funds to the bank repository.
Point-of-sale
Control
Issues
Authorization
The
authorization
process
involves validating credit cards
charges and establishing that the
customer is the valid user of the
card.
Supervision
Supervision using surveillance
camera
and
shop
floor
security can reduce risks of
the store being stolen from.
Access Control
In this particular undertaking, the
concern
access
is
with
about
cash
the
risk
assets
of
and
inventory. In order for the POS
system to be protected, there is
a need for restriction to ensure
such risk never occurs.
Accounting records
The internal cash register's tape
is
an
important
accounting
document. The tape is a record
of
all
sales
transactions
processed at the register.
Independent verification
When the clerk whose shift has
ended takes the cash drawer to
the cash room, its content are
reconcilded against the internal
register tape.
Reengineering
using edi
Reengineering using Edi
Doing Business via EDI
- Electronic data interchange (EDI)
is the intercompany exchange of
computer
processable
business
information in standard format.
Reengineering using Edi
EDI is more than just a technology.
EDI poses unique control problems
for organizations.
Doing
Business Via
EDI
Doing Business on the
Internet
- Thousands of organizations worldwide have
home pages on the Internet to promote their
products and solicit sales.
- Typically, Internet sales are credit card
transactions that are sent to the seller’s e
mail file.
Doing Business on the
Internet
-- Unlike EDI, which is exclusively a B2B arrangement
between trading partners, Internet sales are both
B2B and business to consumer (B2C) transactions.
-
Connecting
to
the
Internet
exposes
the
organization to threats from computer hackers,
viruses, and transaction fraud.
Doing Business on the
Internet
-
Most
threats
organizations
seriously
and
take
these
implement
controls, including passwor techniques,
message encryption, and firewalls, to
minimize their risk.
By Group 1
Adriano, Dandred
Galang, Jeremy
Bitangcol, Hanna Dee
Nilo, Jane Dhalie