Module 2 Segregation of Duties Case Study Individual Assignment

Presentation transcript:

Module 2 Segregation of Duties Case Study Individual Assignment Accounting Information Systems

Primary Learning Objectives
- Investigate how the SAP system assigns authorizations to users
- Understand how to implement segregation of duties controls
- Begin to understand the role of risk assessment in implementing controls
- Apply the principles of segregation of duties to a case study
- Determine how segregation of duties can be applied to a computerized system

Segregation of Duties
Segregation of duties is one of the strongest controls within an accounting system. The following duties should be segregated:
- Authorizing the transaction
- Recording the transaction
- Custody of assets involved in the transaction
- Independent verification and reconciliation of the transactions

Risk Analysis
All control assessments, including the segregation of duties, should be based on the analysis of risks. Controls should then be applied in order to mitigate those risks. Risks have two components:
- Threats
- Vulnerabilities: Wiki defines vulnerability as the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. ENISA defines vulnerability as the existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event [G.11] compromising the security of the computer system, network, application, or protocol involved.

Steps Involved in the Case
The case deals with the revenue cycle (sales to cash business process) of a hypothetical company. The case consists of four parts:
- Examine how the SAP system assigns authorizations to users (completed outside of class)
- Risk assessment: analyze the threats to the company's revenue cycle
- Allocate tasks to employees to properly segregate duties
- Develop an authorization matrix for segregating duties on a computerized system

Steps Involved in the Case
The case is divided into four parts. The first three parts deal with assessing risk, assigning tasks to achieve proper segregation of duties, and completing a matrix to assign authorizations in a computerized environment. The fourth part must be done outside of class, as we have been warned that SAP writes all the authorizations to the archive log. A class as small as 40 students has crashed the entire instance. This part deals with investigating how SAP sets up authorizations for users.
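
Added example (not part of the original slides and not SAP code): a check of an authorization matrix against the four duties listed under Segregation of Duties, reporting every user whose granted tasks span more than one duty. The task names, user names and matrix contents are constructed for illustration; a real case would substitute its own revenue-cycle tasks.

```python
from itertools import combinations

# The four duties the slides say must be segregated, in a fixed report order.
DUTIES = ("authorize", "record", "custody", "verify")

# Constructed sample: revenue-cycle tasks (assumed names) classified by duty.
TASK_DUTY = {
    "approve_credit": "authorize",
    "create_sales_order": "record",
    "post_cash_receipt": "record",
    "ship_goods": "custody",
    "receive_cash": "custody",
    "reconcile_bank": "verify",
}

# Constructed authorization matrix: user -> tasks the system lets them perform.
AUTH_MATRIX = {
    "alice": {"approve_credit"},
    "bob": {"create_sales_order", "post_cash_receipt"},
    "carol": {"receive_cash", "post_cash_receipt"},  # handles cash AND records it
    "dave": {"reconcile_bank"},
    "erin": {"ship_goods"},
}

def find_conflicts(matrix, task_duty):
    """Return {user: [(duty_a, duty_b, tasks_a, tasks_b), ...]} for every user
    whose granted tasks span more than one of the four duties."""
    findings = {}
    for user, tasks in matrix.items():
        # An unclassified task would silently escape the check, so fail loudly.
        unknown = sorted(t for t in tasks if t not in task_duty)
        if unknown:
            raise ValueError(f"{user}: unclassified tasks {unknown}")
        by_duty = {}
        for task in tasks:
            by_duty.setdefault(task_duty[task], []).append(task)
        pairs = [
            (a, b, sorted(by_duty[a]), sorted(by_duty[b]))
            for a, b in combinations(DUTIES, 2)
            if a in by_duty and b in by_duty
        ]
        if pairs:
            findings[user] = pairs
    return findings

if __name__ == "__main__":
    for user, pairs in find_conflicts(AUTH_MATRIX, TASK_DUTY).items():
        for a, b, tasks_a, tasks_b in pairs:
            print(f"{user}: {a} {tasks_a} conflicts with {b} {tasks_b}")
```

In the constructed matrix only carol is flagged, because she both receives cash (custody) and posts the receipt (recording); removing either task from her row clears the finding.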