IAM

Payable and Receivable – User has access to both

By November 3, 2015 No Comments
The general premise of Separation of Duties is to prevent one person from having both access to assets and responsibility for maintaining the accountability of those assets. The failure to segregate the duties of Account Payable and Account Receivable is a critical mistake for any business. The basic idea underlying SOD is that no employee or group of employees should be in a position both to perpetrate and to conceal errors or fraud in the normal course of their duties.
In general Accounts payable function and Account receivable function should be separated among employees. Purchase officer may have the authority to bind the company to purchase orders. Purchase officer’s Manager should be required to approve purchase order over that amount. After the product is received, the accounts payable officer matches the purchase order and invoice before payment is made.
For example if one person having access to both Account Payable and Account Receivable, the person can perpetrate and conceal their fraud for longer periods of time. The person can take advantage of his position as a trusted employee and can defraud his employer. This fraud would have been much harder to commit if her duties were properly segregated to others within the organization.
Separation of duties is a security method to manage conflict of Access, the appearance of conflict of Access, and fraud. Separation of duties restricts the amount of power held by any one individual. It puts a barrier in place to prevent fraud that may be perpetrated by one individual. Segregation of duties is critical to effective internal control; it reduces the risk of both erroneous and inappropriate actions.