Sunday, May 24, 2009

Understand what can and cannot be done to the audit trail of the accounting software

The audit trail of accounting software can be a very useful tool when conducting a fraud investigation, especially when combined with an appropriate and effective IT Policy. An audit trail provides a history of who has accessed the accounting software and what transactions those people have conducted in the accounting software.

An audit trail allows for the examination of access history by users of the software. It shows what users have accessed or attempted to access as well as what those users have changed. An audit trail can also show when someone attempts to by-pass the security that has been put in place. It can act as a method of detecting fraud if people are aware it is reviewed regularly.

Audit trails can also be used as a method of detecting fraud. By reviewing the audit trail it can show patterns of when a person conducts transactions or even potentially turn the audit trail on and off. When fraud investigations have been undertaken, it has been discovered that the audit trail would be turned off and within a short period of time turned back on. During this time the fraudulent transactions were processed.

An organisation needs to understand the security measures attached to the audit trail, if the audit trail can easily be turned on and off and how to protect the data collected by the audit trail.

If the accounting package being used allows, the organisation should have the IT administrator turn the audit trail on and password protect it so that no user of the software can turn the audit trail off or delete transactions within the audit trail.

No comments:

Post a Comment