5 Compliance Functions Every Accounting System Should Have
5 Compliance Functions Every Accounting System Should Have
Companies have also experienced many positive side effects of their compliance efforts. According to the Aberdeen Group smaller, private companies, including mid-size enterprises, are finding financial gains in improving the accuracy and reliability of their financial reporting.
No specific system can be endorsed as the answer to resolving compliance issues. So the question becomes, which application is the best fit to support your company's compliance? Whether you have a system in place or are just starting to look for one, there are several critically important compliance questions you should be asking.
#1 Is Your Financial Information Protected by Role Based Security?
Auditors have long looked to separation of duties to reduce risk. Section 404 of the Sarbanes-Oxley Act (SOX) reinforces the importance of this approach and refers to the segregation of duties as vitally important for the health of a company. Any ERP worth its salt will offer something called role based security or access controls to enforce the separation of duties within your financial management system.
Role based security is able to limit visibility and control, on a per user basis, so that transactions or edits can be made only where authorized. Permissions can be as simple as restricting a user from an operation to security flags in the system when an unauthorized transaction is taking place.
Here are the things you should look for to ensure proper role based security:
- Do all users have assigned roles?
- Do you have control over what records and to which types of changes users have access?
- Are users restricted to accessing information only for their respective departments?
- Do these roles have specific forms associated with them, enabling users to see only the information they need and thereby protecting more sensitive data?
- Can you limit certain types of access to business data from specific locations?
- Are you given the ability to control changes that are made?
- Can you ensure critical business data doesn't leave your company?
#2 Is the Integrity of Data Preserved with an Always On Audit Trail?
One of the advantages of using software to store data is that the history of data changes can be tracked. Should an entry be changed or deleted, accidentally or otherwise, a record is kept of what changed, when it changed, who changed it, and how it was changed. Knowing how critical financial data is backed up and being able to easily access audit information is crucial when evaluating a financial management system.
Some questions to ask as you dig into a systems' audit trail are:
- How easy is it to call up a past revision?
- Can management be alerted if a transaction is tampered with by an unauthorized user?
- Is it always-on?
- Can the audit trail be disabled?
- Is the user who entered or edited the transaction identified?
- Is there a record of when the entry was made?
- Is the latest value of the entry displayed?
- Does an audit-trail of non-transactional records exist?
- Are changes that were made at the individual level identified?
- Is who made the change, when it was made, before/after values of fields highlighted?
#3 Does Complaint Tracking Enable Anonymous Whistle Blower Reports?
SOX 301 states that a forum be created for treatment of "receipt, retention, and treatment of complaints". This article requires "companies to establish hotlines to allow employees a confidential and anonymous method of whistle-blowing if dodgy auditing or accounting practices are discovered."
Like financial data, the handling of whistle blower complaints also requires the same audit trail and controls. Each of these concerns can then be referenced at any time as well as the steps taken to verify and resolve the issue.
When evaluating a system's ability to track complaints, here are some things you should be looking for:
- Does the system allow for anonymous complaints?
- Will all employees have access to the system?
- What controls are in place to ensure all issues are properly treated?
- How are these complaints and resolutions stored?
- Are complaints escalated if no action is taken?
#4 Do Your Controls Ensure Accurate Reporting?
Financial controls are intended to ensure the accuracy, timeliness, and completeness of financial data as well as compliance with policies and regulations. In addition, financial controls help to prevent or detect erroneous or inappropriate transactions.
Virtually all financial processes, like acquisitions, cash receipts handling, and billing, have financial controls. Selecting a financial management system that enforces "best practice" controls and allows real-time visibility to company information and activity provides an ideal platform for managing compliance.
Here are some questions to help you evaluate your system:
- Are you receiving reliable financial data?
- Are your records and assets safeguarded?
- Do you have a mechanism with which to evaluate operational efficiency?
- What process enforces adherence to prescribed policies and regulations?
#5 What Functions Exist for Storing Documents and Emails?
Good internal control procedures require that documents and e-mails be archived in such a way that they can be accessed for future reference and potential investigation. Key functions to confirm in your financial system include:
- Backups
- Encryption
- Security
- Password protected
- Permissions to access
- Indexing and search functions
- Detailed history of who checked out docs and for how long
Extending the same role based security and audit tracking to reports and emails allows a complete compliance view, supporting your company's efforts to ensure adherence to internal and external standards.
5 Compliance Functions Every Accounting System Should Have - To learn more about this author, visit Steve Fanning's Website.
Like this article? Share it with your friends
At no other point in history has compliance been so important for public and private companies as today. Executives increasingly look to financial management systems, commonly referred to as Enterprise Resources Planning (ERP) systems, to manage their complex compliance needs.
Companies have also experienced many positive side effects of their compliance efforts. According to the Aberdeen Group smaller, private companies, including mid-size enterprises, are finding financial gains in improving the accuracy and reliability of their financial reporting.
No specific system can be endorsed as the answer to resolving compliance issues. So the question becomes, which application is the best fit to support your company's compliance? Whether you have a system in place or are just starting to look for one, there are several critically important compliance questions you should be asking.
#1 Is Your Financial Information Protected by Role Based Security?
Auditors have long looked to separation of duties to reduce risk. Section 404 of the Sarbanes-Oxley Act (SOX) reinforces the importance of this approach and refers to the segregation of duties as vitally important for the health of a company. Any ERP worth its salt will offer something called role based security or access controls to enforce the separation of duties within your financial management system.
Role based security is able to limit visibility and control, on a per user basis, so that transactions or edits can be made only where authorized. Permissions can be as simple as restricting a user from an operation to security flags in the system when an unauthorized transaction is taking place.
Here are the things you should look for to ensure proper role based security:
- Do all users have assigned roles?
- Do you have control over what records and to which types of changes users have access?
- Are users restricted to accessing information only for their respective departments?
- Do these roles have specific forms associated with them, enabling users to see only the information they need and thereby protecting more sensitive data?
- Can you limit certain types of access to business data from specific locations?
- Are you given the ability to control changes that are made?
- Can you ensure critical business data doesn't leave your company?
#2 Is the Integrity of Data Preserved with an Always On Audit Trail?
One of the advantages of using software to store data is that the history of data changes can be tracked. Should an entry be changed or deleted, accidentally or otherwise, a record is kept of what changed, when it changed, who changed it, and how it was changed. Knowing how critical financial data is backed up and being able to easily access audit information is crucial when evaluating a financial management system.
Some questions to ask as you dig into a systems' audit trail are:
- How easy is it to call up a past revision?
- Can management be alerted if a transaction is tampered with by an unauthorized user?
- Is it always-on?
- Can the audit trail be disabled?
- Is the user who entered or edited the transaction identified?
- Is there a record of when the entry was made?
- Is the latest value of the entry displayed?
- Does an audit-trail of non-transactional records exist?
- Are changes that were made at the individual level identified?
- Is who made the change, when it was made, before/after values of fields highlighted?
#3 Does Complaint Tracking Enable Anonymous Whistle Blower Reports?
SOX 301 states that a forum be created for treatment of "receipt, retention, and treatment of complaints". This article requires "companies to establish hotlines to allow employees a confidential and anonymous method of whistle-blowing if dodgy auditing or accounting practices are discovered."
Like financial data, the handling of whistle blower complaints also requires the same audit trail and controls. Each of these concerns can then be referenced at any time as well as the steps taken to verify and resolve the issue.
When evaluating a system's ability to track complaints, here are some things you should be looking for:
- Does the system allow for anonymous complaints?
- Will all employees have access to the system?
- What controls are in place to ensure all issues are properly treated?
- How are these complaints and resolutions stored?
- Are complaints escalated if no action is taken?
#4 Do Your Controls Ensure Accurate Reporting?
Financial controls are intended to ensure the accuracy, timeliness, and completeness of financial data as well as compliance with policies and regulations. In addition, financial controls help to prevent or detect erroneous or inappropriate transactions.
Virtually all financial processes, like acquisitions, cash receipts handling, and billing, have financial controls. Selecting a financial management system that enforces "best practice" controls and allows real-time visibility to company information and activity provides an ideal platform for managing compliance.
Here are some questions to help you evaluate your system:
- Are you receiving reliable financial data?
- Are your records and assets safeguarded?
- Do you have a mechanism with which to evaluate operational efficiency?
- What process enforces adherence to prescribed policies and regulations?
#5 What Functions Exist for Storing Documents and Emails?
Good internal control procedures require that documents and e-mails be archived in such a way that they can be accessed for future reference and potential investigation. Key functions to confirm in your financial system include:
- Backups
- Encryption
- Security
- Password protected
- Permissions to access
- Indexing and search functions
- Detailed history of who checked out docs and for how long
Extending the same role based security and audit tracking to reports and emails allows a complete compliance view, supporting your company's efforts to ensure adherence to internal and external standards.
5 Compliance Functions Every Accounting System Should Have - To learn more about this author, visit Steve Fanning's Website.
Like this article? Share it with your friends
 | |
 |
nice site
Commented on 5 Compliance Functions Every Accounting System Should Have. |
| |
Leave Your Feedback |
 | |
| |||
|
To learn more about the Evan Elite Author Program please contact us. |
 | |
|  |
Subscribe to Steve's articles
 | |
|
|  |
 | |
|
| |
 | |||||||
|
 | ||
 |
||
 |
||
 |
||
|
| ||
 |
| Have you written articles that would be of value to entrepreneurs? Become an expert on our site by publishing them! Expose yourself to a wide audience, drive more traffic to your website and get more sales! Click Here for details. |
|
|
 |
| Modeling the Masters: Learn the true secrets behind Walt Disney's business success factors & grow your company! Video produced by Phanta Media |
|
|
 |
"Learn straight from Evan how you can Make a Full Time Income (And More) from a Website"
Click Here To Learn More |
|
|
|
|
Get advice & tips from famous business owners, new articles by entrepreneur experts, my latest website updates, & special sneak peaks at what's to come!
|
|
|
 Memorandum Template 1 Organized in 10 mins The Human Network Best Cover Letter Relationships and Referrals |
|
 | ||
 |
Top 50 Geek Business Blogs
Top 50 Geek Business Blogs | |
 |
Top 50 Blogs For Startups
Top Blogs To Watch In 2008 | |
| ||
 | ||||
| ||||
|
| ||||
| ||||
|
|
|
|
|
|||||||||
|
Email us your ideas on how to make our website more valuable! Thank you Sharon from Toronto Salsa Lessons / Classes for your suggestions to make the newsletter look like the website and profile younger entrepreneurs like Jennifer Lopez and Sean Combs!
|
|
|
| ||||||||||||
| ||||||||||||
|
|
||||||||||||