Internal controls are necessary to reduce the risk of fraud. Even employees who are honest can be tempted when they handle large sums of money on a regular basis. This is especially true it the business owner has not implemented any access controls or set up shared control over the business finances. With the additional pressure of an unstable economy, the temptation can become too great for some people if there are no controls in place – remember desperate people do desperate things.
Once the control policies and procedures are established, management should ensure that the controls are being followed.
One thing to consider when creating an internal control policy is limiting permissions for people using QuickBooks® and creating a separate user sign-on for each user. In a small business environment, bookkeeping is often performed by only one or two employees. However, it is still important to give serious consideration to the areas of the system they are allowed to access. QuickBooks® will allow you to limit or even deny a user’s access to certain areas of the system. Management should take the time to become familiar with the capabilities of QuickBooks® and to limit an employee’s access in areas that might not be appropriate. Make sure you have a policy in place that does NOT allow employees to share passwords! If you have a larger accounting staff, you should limit access by areas of responsibility among staff (i.e. A/P vs. A/P). No single person in the organization (other than the owner) should have “ADMIN” rights to everything. The issue with making someone other than the owner an administrator is that it allows them to cover their own tracks, or over-ride important control provisions.
No comments:
Post a Comment