IT Governance, Risk, and Compliance

Mar 30 2012   8:48PM GMT

Irregularities and Illegal Acts Agreed-Upon Procedures Assessments – Part VII

Robert Davis Robert Davis Profile: Robert Davis

SOD controls are designed to reduce the opportunities for errors, mistakes, omissions, irregularities, and illegal acts perpetration and concealment. SOD is a primary internal control measure utilized for manual and automated systems. An autonomous function for computer data entry may exist within an enterprise. However, even if the entity distributes data entry (entering) responsibility to employees, SOD should be maintained. Furthermore; origination, processing, verification, signoff, and distribution responsibilities should be monitored and evaluated for violating SOD controls.

Protective measures should also be deployed to ensure information assets are maintained in a properly controlled and secured environment. Specifically, a physically and logically secure environment should exist at the GCC level. Regarding irregular and illegal acts, adequate IT personnel and inventory identification as well as access restrictions should be considered crucial controls. Pervasively, employing a competent information security manager can ensure continuous monitoring of general as well as application access.

View Part I of the Irregularities and Illegal Acts Agreed-Upon Procedures Assessments series here

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: