Presentation is loading. Please wait.

Presentation is loading. Please wait.

Strengthening Technology Controls to Prevent Fraud

Similar presentations

Presentation on theme: "Strengthening Technology Controls to Prevent Fraud"— Presentation transcript:

1 Strengthening Technology Controls to Prevent Fraud
Brad Belcher Systems Analyst & Hardware Technician Jeff Brandenburg, CPA, CFE Clifton Gunderson LLP

2 General Controls (ITGC)
Ensure reliability of data generated by IT systems and support assertion that systems operate as intended and that output is reliable. Control environment – controls designed to shape the corporate culture or “tone at the top” Change management procedures – controls designed to ensure changes meet business requirements and are authorized Source code/document version control procedures – controls designed to protect the integrity of program code a1

3 General Controls (ITGC)
Software development life cycle standards – controls designed to ensure IT projects are effectively managed Security policies, standards and processes – controls designed to secure access based on business need Incident management policies and procedures – controls designed to address operational processing errors Technical support policies and procedures – policies to help users perform more efficiently and report a1

4 Application Controls (ITAC)
Performed automatically by the system and designed to ensure the complete and accurate processing of data. May also ensure privacy and security of data transmitted between applications. a1

5 Application Controls (ITAC)
Completeness checks – controls that ensure all records were processed from initiation to completion Validity checks – controls that ensure only valid data is input or processed Identification – controls that ensure all users are uniquely and irrefutably identified Authentication – controls that provide an authentication mechanism in the application system a1

6 Application Controls (ITAC)
Authorization – controls that ensure only approved business users have access to the application system Problem management – controls that ensure all application problems are recorded and managed in a timely manner Change management – controls that ensure all changes on production environment are implemented with preserved data integrity. Input controls – controls that ensure data integrity fed from upstream sources into the application system a1

7 Specific Applications
Accounts Receivable Limit those who can credit accounts New account set-ups Payment application Exception reports a1

8 Specific Applications
Inventory Limit those who can process adjustments Exception reports Set controls to identify problems when entered a1

9 Specific Applications
Accounts Payable Limit access Restrict new vendor set-up Create exception reports Check gaps Vendor payment limits Vendor check activity a1

10 Specific Applications
Payroll Limit access Employee hires Employee terminations – get them out! Pay ranges Activity reports a1

11 Specific Applications
General Limit journal entry authorization and track who makes them Limit system access and create “roadmap” of who can do what Monitor who is accessing what Internet/computer/cell phone policies Monitor and enforce Consider risks associated with “Keys to the Kingdom” a1

12 Contact Brad Belcher AgVantage Software Rochester, Minnesota Jeff Brandenburg, CPA, CFE Clifton Gunderson LLP Middleton, Wisconsin a1

Download ppt "Strengthening Technology Controls to Prevent Fraud"

Similar presentations

Ads by Google