HomeNews/ChatSearchMemberlistRegisterUsergroupsFAQLog in
This Forum is Currently Under Construction...

Share | 
 

 Security Professionals Need Oversight Over Accounting Software

Go down 
AuthorMessage
brywqui
Board Noob
Board Noob
avatar

Posts : 13
Join date : 2010-09-17

PostSubject: Security Professionals Need Oversight Over Accounting Software   9/18/2010, 14:29

"Corporate frauds " .... involving the manipulation of accounting systems continued to be the biggest single fraud threat to organizations" in the June 2010 KPMG Fraud Barometer.

The twice-yearly study, this edition of which covers January to June 2010, draws its inferences by monitoring fraud matters before the courts and found that accounting fraud is the leading cause of such actions.

The Barometer says that these frauds "... generally involve a staff member (employee or management) overriding or manipulating accounting procedures to divert payment of funds for their own benefit. In many cases these frauds went undetected for many years, suggesting fundamental weaknesses in internal controls."

Gary Gill, Head of KPMG Forensic, told SearchSecurity ANZ that incorrect use of security features in accounting software are often to blame for these frauds.

"A lot of accounting systems give you the ability to do things like segregation of duties," the practice of ensuring that transactions go through a workflow process that sees different people initiate, perform, approve and archive transactions. "The question is whether people are using them or not. When people override the systems and somebody who does not have access to a payroll or accounts payable master file is given access to that information, that can help them perpetrate a fraud."

Gill believes "it makes sense" for IT security professionals to be involved in the implementation of accounting software, so that their specialized insights into access control can be applied. He fears, however, that security professionals are often overlooked as it is not felt they have anything to contribute to a discussion about finance.

"Are they sufficiently involved? They may not be. People see it as an accounting control," not a security matter, he told SearchSecurity ANZ.

Possible roles for security professionals could, he said, include advising on user rights when roles change.

"When someone changes jobs inside an organization it is important to turn off their old access codes and make sure they only have their new levels of access. In practice what happens is they get both."

"The other area we find is audit logs. Most decent software has a built-in audit log. We have done a number of investigations where those logs have been deleted."
Back to top Go down
View user profile
 
Security Professionals Need Oversight Over Accounting Software
Back to top 
Page 1 of 1
 Similar topics
-
» Need help with IMX Software
» IAS (International Accounting Standard) Vs. CSE
» New accounting standard – IFRS – clearer to the industry
» CDAX software dilemma
» PAP Accounting methodology used for PAP.N0000

Permissions in this forum:You cannot reply to topics in this forum
Quinn & De Luca, LLC :: Accounting :: GAAP-
Jump to: