Acct 74040 - How to Process Transaction in Acl Audits?

ACCT 74040

ACL Final Take Home Assignment

PART A: 30 Marks

It would be very effective if this company had a file that consisted of;

• Employee Name        
• Department Number
• Department Name
• Security Job Profile
• Security Job Profile Description

This would allow the auditors to be able to view one file that would have all the information they were looking for. However, the Job Access Security Profile file will need to be imported into ACL for this to be done. The company’s current security profile tracking system contains of four different files whose information differ from one file to the next. There are many potential risks that the company is exposed to by having four different security profile files.  

• The first step for identifying the security access problems at this company is to complete an analysis using the terminated employees file and the current employee listing. The purpose of this analysis is to determine if any terminated employees are listed on the current employee listing.

• After that analysis is complete, create a new table that contains the correct current employees (after removing any records that were found in the terminated employees table).

• The next step would be to do a further analysis on the terminated employee’s data. This file has only 52 records listed, so not a lot of time needs to be allocated to this.

•  If you do not want to allocate much time to this analysis, you can pick out the records of the employees that were terminated the most recent and do an analysis on those records. (For example, H Hughes and B Vamos is on the terminated listing but appears in the employee security profiles as having access).

• The next step is to check for duplicates in the new employee security profiles. This is also testing the company’s segregation of duties because if there are duplicate records for employees then that means an employee has multiple accesses.

• Another concern that I have is in relation to the security profile listings. We need to have an updated and accurate copy of employee’s security accesses. Working with these four files raises a lot of questions and concerns for the auditor. For example, in Profile 1 S Acton has a profile of ‘A’, however in profile file 2,3 and 4 his job profile is ‘N’. Which of these listings are correct, and which are incorrect.

[pic 1]

[pic 2]

[pic 3]

[pic 4]

[pic 5]

[pic 6]

[pic 7]

[pic 8]

[pic 9]

...