Accounting System Controls
In accounting systems, certain controls are needed to ensure that employees are
doing their jobs properly and ensure that the system runs properly. These checks
are in the best interest of the organization. These controls come in the form of
internal and external controls for the system. The internal controls are the
checks that are placed in the system my the company’s own management and
directors. Today more and more companies are moving from the manual accounting
systems to computerized accounting information systems. The advantages of a
computerized system are increases in the speed and accuracy of processing
accounting information. However, as systems become computerized, the internal
controls for that system has to be adapted accordingly. This is because
computerized systems bring with them certain unique problems that can only be
removed or minimized by adapting the present controls and adding new controls.
These problems are
In a manual system there is a paper trail for the internal auditor to
follow. All records and transactions are kept on paper and so an auditor has
clear and documented proof of what has transpired. Computerized systems rarely
have a clear paper trail to follow. Since computers do all of the sorting of the
information the company rarely sorts the source documents. Also the computer
does most of the calculations and processing so there would not be the amount of
documentation that there would be in a manual system.
Another problem of computer systems is the fact that there can be
difficulty in determining who entered the data. In a manual system the identity
of the person entering the data can be identified possibly by the person’s
handwriting. This cannot be done in a computerized system. This makes it very
difficult to determine who is responsible for errors or fraud.
Since the computers do all calculations and processing errors can
occur due to bad design of the program. This can be difficult to detect
especially if the error does not occur frequently and only does so under
Computer systems also offer new opportunities for fraud. If a
computerized system is not set up properly and certain checks not put in then
the computer system can be used to defraud the company. The fact that it is
difficult to trace who enters the data only adds to the magnitude of this.
In order to minimize the risks of errors or fraud occurring in the
computer system certain controls have to be put into place. These controls can
be broken up into three different categories. They are
1. Administrative Controls
2. Systems Development Controls
3. Procedural Controls
Administrative controls are those controls are those controls that are
placed on the system to ensure the proper organization and processing of data.
These administrative controls are
Division of duties.
Duties are assigned to different individuals in the organization. This
is done in such a way that no one person can have full control over a
transaction. This ensures that an individual cannot have full control over the
creation and operating of the system. One reason for this division is having one
person controlling the system can result in fraud if that person is not
completely trustworthy. Another reason for the division of duties is to prevent
the organization from becoming totally dependent on the person controlling the
computer system. If this person were to leave then the organization would have
no one to run the system. The division of duties ensures that employees can
leave without having any major effect on the system.
Operation controls are necessary controls since they since they
determine what the computer systems and the employees using the system have been
doing. These controls can come in the form of
rotation of shifts
a manual of operating instructions
These controls can allow an auditor to track the exact actions of the
computer systems and employees. This documentation allows the to easily spot any
errors or improper actions that have occurred.
These controls are put in place to minimize the number of errors and
omission that occur in the file system. Good file controls are
Availability of a skilled technician
Proper procedures for issuing and returning files
proper labeling and indexing of files
protection of storage media from dust, humidity, fire etc.
Procedures for returning files for certain minimum periods
Facilities for recovering files that have been damaged or corrupted.
Facilities for creating backup copies of files.
The placement of these controls have very serious implications. These