50 likes | 172 Views
ERM - Control Activities . Authorization of transactions Segregation of incompatible duties Independent checks on performance Safeguarding assets and information Design and use of adequate records Management and review of activities. Segregation of Duties.
E N D
ERM - Control Activities Authorization of transactions Segregation of incompatible duties Independent checks on performance Safeguarding assets and information Design and use of adequate records Management and review of activities
Segregation of Duties Good internal control requires that no single employee be given too much access to business transactions/processes. An employee should not be in a position to commit and conceal fraud.
Segregation of Duties Effective SOD is achieved when the following functions are separated: • Authorization – approve transaction/decision • Recording – prepare source documents; enter data; generate performance reports • Custody – handling of physical assets; writing checks; receiving mail; maintain journals/ledgers/files /databases • Approval/Monitoring – perform reconciliations; variance analysis; edit report reviews
Proper Segregation of Duties Ideally separate individuals are involved in each component. Lack of headcount is the major obstacle to appropriate segregation of duties.