Presentation is loading. Please wait.

Presentation is loading. Please wait.

Strengthening Technology Controls to Prevent Fraud Brad Belcher Systems Analyst & Hardware Technician Jeff Brandenburg, CPA, CFE Clifton Gunderson LLP.

Similar presentations


Presentation on theme: "Strengthening Technology Controls to Prevent Fraud Brad Belcher Systems Analyst & Hardware Technician Jeff Brandenburg, CPA, CFE Clifton Gunderson LLP."— Presentation transcript:

1 Strengthening Technology Controls to Prevent Fraud Brad Belcher Systems Analyst & Hardware Technician Jeff Brandenburg, CPA, CFE Clifton Gunderson LLP

2 a1 2 General Controls (ITGC) Ensure reliability of data generated by IT systems and support assertion that systems operate as intended and that output is reliable. Control environment – controls designed to shape the corporate culture or tone at the top Change management procedures – controls designed to ensure changes meet business requirements and are authorized Source code/document version control procedures – controls designed to protect the integrity of program code

3 a1 3 General Controls (ITGC) Software development life cycle standards – controls designed to ensure IT projects are effectively managed Security policies, standards and processes – controls designed to secure access based on business need Incident management policies and procedures – controls designed to address operational processing errors Technical support policies and procedures – policies to help users perform more efficiently and report

4 a1 4 Application Controls (ITAC) Performed automatically by the system and designed to ensure the complete and accurate processing of data. May also ensure privacy and security of data transmitted between applications.

5 a1 5 Application Controls (ITAC) –Completeness checks – controls that ensure all records were processed from initiation to completion –Validity checks – controls that ensure only valid data is input or processed –Identification – controls that ensure all users are uniquely and irrefutably identified –Authentication – controls that provide an authentication mechanism in the application system

6 a1 6 Application Controls (ITAC) –Authorization – controls that ensure only approved business users have access to the application system –Problem management – controls that ensure all application problems are recorded and managed in a timely manner –Change management – controls that ensure all changes on production environment are implemented with preserved data integrity. –Input controls – controls that ensure data integrity fed from upstream sources into the application system

7 a1 7 Specific Applications Accounts Receivable –Limit those who can credit accounts –New account set-ups –Payment application –Exception reports

8 a1 8 Specific Applications Inventory –Limit those who can process adjustments –Exception reports –Set controls to identify problems when entered

9 a1 9 Specific Applications Accounts Payable –Limit access –Restrict new vendor set-up –Create exception reports Check gaps Vendor payment limits Vendor check activity

10 a1 10 Specific Applications Payroll –Limit access –Employee hires –Employee terminations – get them out! –Pay ranges –Activity reports

11 a1 11 Specific Applications General –Limit journal entry authorization and track who makes them –Limit system access and create roadmap of who can do what –Monitor who is accessing what –Internet/computer/cell phone policies –Monitor and enforce –Consider risks associated with Keys to the Kingdom

12 a1 12 Contact Brad Belcher AgVantage Software Rochester, Minnesota Jeff Brandenburg, CPA, CFE Clifton Gunderson LLP Middleton, Wisconsin


Download ppt "Strengthening Technology Controls to Prevent Fraud Brad Belcher Systems Analyst & Hardware Technician Jeff Brandenburg, CPA, CFE Clifton Gunderson LLP."

Similar presentations


Ads by Google