PROBLEM SET B For each of these Recommend 1. Latisha fu anorata oases identify t
ID: 2541131 • Letter: P
Question
PROBLEM SET B For each of these Recommend 1. Latisha fu anorata oases identify the principle(s) of intern what the business should do to ensure adherence to principles of internal con Tally is the company's computer specialist and oversees its computerized pay al control that is Analyzing internal control C1 trol boss recently asked her to put password protection on all office computers. Latisha has put a passwori in place that allows only the boss access to the file where pay rates are changed and personnela added or deleted from the payroll roll system. 2. Marker Theater has a computerized order-taking system for its tickets. The system is active all wed and backed up every Friday night. Sutton Company has two employees handling acquisitions of inventory. One employee places chase orders and pays vendors. The second employee receives the merchandise. 3. 4. The owner of Super Pharmacy uses a check software/printer to prepare checks, making it difficalt i anyone to alter the amount of a check. The check software/printer, which is not password on the owner's desk in an office that contains company checks and is normally unlocked. pu 5. Lavina Company is a small business that has separated the duties of cash receipts and cash disburse ments. The employee responsible for cash disbursements reconciles the bank account monthlyExplanation / Answer
In this case IT security policy relating to access control is not followed properly as Latisha is a computer expert who should not have access to Pay Roll data which is confidential to company and for employees. Although she has set up a password for the boss but she herself also knows the password which does not makes the system data secured. Latisha should have only the responsibility of guiding a the Hr department and her boss on how to secure the system. The system is active all time but back is done only on Friday which shows a poor control on Backup and Recovery. Such real time systems should have regular backups to secure the data loss The principle for regular data backups is to back up data daily. That backup could be to media (e.g., tape or external hard drive), or it could be to a remote location via the cloud (i.e., the Internet). If an enterprise is backing up to media, the aforementioned principle recommends that backups be conducted to a different media for end-of-week and end-of-month backups (this daily, weekly and monthly set of backups is known as “grandfather-father-son”) Internal control for accounts payable is weak as the potential consequences in this case fraudulent invoices approved for payment and Unauthorized payments made to non-existent vendors as Purchase placing and vendor payment has been assigned to same person. There should be separation of duties to different people on approving purchase, placing order, receiving the order, payment to vendor and reconciling. In this case IT security policy relating to access control is not followed properly as per the policy system should always be locked before leaving the seat to secure the access. The critical systems/software should always be kept password secured by the user so that no misuse can happen to such systems. In this case system should be locked and also should have auto lock system if left idle. The user should secure the printer/software with a strong password as checks issuance is very critical to company’s wealth. In this case internal control over cash is weak as segregation of duties is not properly done. The person who is responsible for checks disbursement is performing the bank reconciliation which will not help in identifying the error while issuing the checks. Reconciliation should be done by another person or by person receiving the cash so that incoming and outgoing of funds can be tracked properly.
Related Questions
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.