Big4Guy
Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, and security and controls in SAP R/3, Oracle Applications, J.D. Edwards, PeopleSoft and various other ERPs. You will also find information on the latest compliance regulations like Sarbanes Oxley, Basel II and so on. Big4Guy will also attempt to provide valuable resources for individuals interested in examinations such as the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry into any Big 4 accounting, auditing and consulting firm. You are invited to post your comments and viewpoints on posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.
The main purpose for which Sarbanes Oxley was enacted was to curb fraud in corporates. Fraud is one of the major risks facing corporates today. Although some of my earlier posts touch upon antifraud controls and fraud scenarios, I have not really talked about IT based antifraud controls. IT plays an important role in today's organizations, and organizations can leverage IT in their Sarbanes Oxley compliance plans to address fraud risks. Let me explain how IT based antifraud controls can be used in SOX compliance.
Segregation of duties in applications (SOD) - The basic premise of segregation of duties is that users should not be in a position to initiate and authorize their own transactions. Modern ERP applications like SAP, Oracle Apps, J.D. Edwards and PeopleSoft can be configured based on roles. Access to specific transactions in the system can be restricted based on user roles and profiles. Segregation of duties in applications can act as a major antifraud control and lead to better SOX compliance.
Sensitive access controls (SAT) - The other important antifraud control is restricting user access to sensitive transactions in the system. From an IT perspective, users have access to a lot of information such as payroll data, the balance sheet, the profit and loss account etc. This sensitive information can be misused. It is therefore important to restrict users' access to this sensitive information in applications. Sensitive access controls address this requirement. SATs coupled with SODs can act as the foundation for IT based antifraud controls.
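The SOD and SAT checks described above can be run against a role extract. The following is an added example, not code from this post or from any ERP vendor; every role, transaction and user name in it is hypothetical, constructed sample data. It shows a conflict that only appears once a user's roles are combined.

```python
# Constructed sample data: role, transaction and user names are
# hypothetical and do not come from any real ERP configuration.
ROLE_TRANSACTIONS = {
    "ap_clerk": {"create_vendor_invoice", "display_vendor"},
    "ap_manager": {"approve_vendor_invoice", "display_vendor"},
    "vendor_admin": {"maintain_vendor_master"},
    "payroll_analyst": {"display_payroll"},
}
USER_ROLES = {
    "alice": {"ap_clerk"},
    "bob": {"ap_clerk", "ap_manager"},      # each role is fine on its own
    "carol": {"vendor_admin", "ap_manager"},
    "dave": {"payroll_analyst"},
}
# SOD rules: pairs of transactions no single user should hold together.
SOD_RULES = [
    ("create_vendor_invoice", "approve_vendor_invoice"),
    ("maintain_vendor_master", "approve_vendor_invoice"),
]
# SAT rules: sensitive transactions and the users approved to hold them.
SENSITIVE_ACCESS = {"display_payroll": {"erin"}}


def effective_transactions(user_roles, role_transactions):
    """Flatten each user's roles into the set of transactions they can run."""
    result = {}
    for user, roles in user_roles.items():
        txns = set()
        for role in roles:
            txns |= role_transactions.get(role, set())
        result[user] = txns
    return result


def sod_violations(access, rules):
    """Return (user, txn_a, txn_b) for each user holding both sides of a rule."""
    return sorted((u, a, b) for u, txns in access.items()
                  for a, b in rules if a in txns and b in txns)


def sensitive_violations(access, sensitive):
    """Return (user, txn) where a user holds a sensitive transaction unapproved."""
    return sorted((u, t) for u, txns in access.items()
                  for t, approved in sensitive.items()
                  if t in txns and u not in approved)


if __name__ == "__main__":
    access = effective_transactions(USER_ROLES, ROLE_TRANSACTIONS)
    for finding in sod_violations(access, SOD_RULES):
        print("SOD conflict:", finding)
    for finding in sensitive_violations(access, SENSITIVE_ACCESS):
        print("Unapproved sensitive access:", finding)
```

Checking the flattened transaction set per user, rather than each role in isolation, is what surfaces the conflicts held by bob and carol.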