Roberta Katz Consulting

Protecting User Access To Automated Financial Systems

3/8/2023

User Access Controls protect user access to automated financial systems. These controls restrict access to authorized users only, and only for the functions they need to perform their jobs. Effective user access control practices help to mitigate the risk to a nonprofit organization of unauthorized or fraudulent activity occurring.

User Access Controls include assigning:
  • Login Rights: designate who is authorized to log onto a system and how they log on.
  • Permission Rights: designate which functions each user may perform within the system, for example, input, edit, delete or view only.

Best Practices For User Access Controls

NEW USER AUTHORIZATION
Prior to granting access to a new user, proper authorization should be provided to the system administrator. For example, a user access request should be submitted by an authorized approver.

USER TERMINATIONS
System access for terminated employees and other users should be promptly revoked upon their termination. A formal process should be implemented for notification of terminated users to the system administrator. This process should be included in an exit checklist for terminated users.

ASSIGNING PERMISSION RIGHTS
Assigning permission rights based on roles ensures that all users who are assigned a particular role are given the same permissions appropriate to their role.

REVIEW AND UPDATE USER ACCESS
The users who have access to the systems, and their permissions, should be reviewed and updated periodically to identify terminated employees whose access was not removed and to reflect changes in permissions due to changes in an employee’s role. The system administrator should not implement these changes without proper authorization.

MAINTAINING INTERNAL CONTROLS
Internal controls such as segregation of duties and supervisory approvals should be maintained when assigning permissions. For example, no one person should be able to input, edit and approve their own transactions in the system. Maintaining these controls will mitigate the risk of unauthorized or fraudulent activity.
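
The periodic review and the segregation-of-duties rule described above can be run as an automated check. The following is an added example, not part of the original post: the role names, user names, roster format and the "approve" permission label are assumptions, and all data is constructed.

```python
from dataclasses import dataclass

# Role -> permissions, so everyone assigned a role gets the same rights (hypothetical roles).
ROLE_PERMISSIONS = {
    "ap_clerk":   {"input", "edit", "view"},
    "controller": {"approve", "view"},
    "auditor":    {"view"},
    "bookkeeper": {"input", "edit", "approve", "view"},  # violates segregation of duties
}
# No one person should be able to input, edit and approve their own transactions.
SOD_CONFLICT = {"input", "edit", "approve"}

@dataclass(frozen=True)
class Account:
    user: str
    role: str
    enabled: bool = True

def review_access(accounts, roster):
    """Return sorted (user, finding) pairs; roster maps user -> (status, approved role)."""
    findings = []
    for acct in accounts:
        if not acct.enabled:
            continue  # access already revoked, nothing to review
        status, approved_role = roster.get(acct.user, ("unknown", None))
        if status != "active":
            findings.append((acct.user, f"enabled account for {status} user"))
            continue
        if acct.role != approved_role:
            findings.append((acct.user, f"role {acct.role!r} differs from approved {approved_role!r}"))
        if SOD_CONFLICT <= ROLE_PERMISSIONS.get(acct.role, set()):
            findings.append((acct.user, "can input, edit and approve own transactions"))
    return sorted(findings)

# Constructed sample data: an HR roster and the accounts exported from the system.
ROSTER = {"alice": ("active", "ap_clerk"), "bob": ("terminated", "ap_clerk"),
          "carol": ("active", "auditor"), "dave": ("active", "bookkeeper")}
ACCOUNTS = [
    Account("alice", "ap_clerk"),
    Account("bob", "ap_clerk"),        # exit checklist missed this account
    Account("carol", "controller"),    # role changed, permissions never updated
    Account("dave", "bookkeeper"),
    Account("eve", "auditor"),         # no roster entry at all
    Account("frank", "ap_clerk", enabled=False),
]

if __name__ == "__main__":
    for user, finding in review_access(ACCOUNTS, ROSTER):
        print(f"{user}: {finding}")
```

Each finding is an input to the authorization process, not a change for the system administrator to make directly.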


Roberta Katz Consulting can assist your organization in identifying and evaluating fraud risks and provide guidance and tools that have proven to be effective in managing risk. Schedule a complimentary consultation today!