User Access Controls protect user access to automated financial systems. These controls restrict user access only to authorized users and only for the functions they need to perform their jobs. Effective user access control practices help to mitigate the risk to nonprofit organization of unauthorized or fraudulent activity occurring.
User Access Controls include assigning:
Login Rights-designate who is authorized to log onto a system and how they log on
Permission Rights-designate which functions each user may perform within the system, for example, input, edit, delete or view only.
Best Practices For User Access Controls