Separation of Duties Separation of Duties is a term defined as “a security principle that says no one person should be able to effect a breach of security” (Definition of: separation of duties, 2008). What this means, is that one person should not be, on the whole, responsible for both the design and implementation of security within an organization. The goal being that there is not one single point of failure where one person can subsequently take advantage of a process inside a company and benefit from ill-gotten gains. This principle is readily practiced in the area of finance and is becoming more popular within the Information Technology field. For example, within the area of finance, the Department of General Services of California has a section within its State Administrative Manual that quotes the requirements of the Financial Integrity and State Manager’s Accountability Act of 1983, which “…requires that the head of each State agency establish and maintain an adequate system of internal control within their agencies. A key element in a system of internal control is separation of duties” (Department of General Services of California, 2008). The manual then goes on to list explicitly how entities are designated, the actions they may take, the number of actions each entity may take, and the level of authorization for each duty. In general, Information technology takes the same approach, by following the same principle; that certain key duties should be performed by different individuals. Such duties may be the physical custody or access to certain assets; authorization or approval of transactions affecting those assets; recording transactions for those assets; control or review responsibility for those assets. (The University of British Columbia, 2006). By having these and other duties performed by separate individuals, there becomes a system of checks and balances that is established. This also creates a system of reducing errors and/or fraud from going undetected. The adage of John Emerich Edward Dalberg Acton’s “Power tends to corrupt, and absolute power corrupts absolutely,” is the core principle; making sure that no one person has total control of an asset. According to the SANS Technology Institute, “Intellectual property is the lifeblood of an organization and process should be designed to protect it,” (SANS Technology Institute, 2008) and Riordan would be well advised to take this into account as well. SANS goes on to outline several suggestions that are well advised, such as:
The people at the helm of affairs are responsible for formulating rules, procedures and guidance and are for enforcing the rules. There are clear cut boundaries for each of the roles.
The term segregation of duties is an important internal control that must be tested and followed. “The rationale for segregation of duties is that the work of one employee should, without a duplication of effort, provide a reliable basis for evaluating the work of another employee. There are two common applications of this principle:
The ITGC regularly handle program changes, development, and access as well as basic computer operations. A poorly designed IT framework and accessibility protocols increase the company’s susceptibility to internal and external attacks, which result in the loss valuable financial information or its utilization to commit and conceal fraud. In asset misappropriation for example, an individual with access to the company’s accounting software has the opportunity to commit and conceal fraud. For example, Wayland Manufacturing Company’s accounting department oversees the maintenance of the Accounts Payable and Purchases general ledgers. Therefore, Newbaker is responsible for recording invoices and cash disbursements. Therefore, he has the accessibility to modify the company’s vendor list to include fictitious vendors that increase the likelihood of payment for fictitious invoices (Fraud Risk Assessment n.d.) (Eikel 2008) (Arens, Elder, & Borsum
[Separation of power is when the government is divided into 3 distinct branches. Doc B, proving separation of powers is protecting the states from tyranny, is an excerpt from Federalist Paper #47 by James Madison. Federalists papers were created by 4 delegates, including James Madison, trying to convince the majority of the 13 states to ratify the constitution.] According to Doc B, “three great departments of power should be separate and distinct.” James Madison is explaining, to guard against tyranny the states needed to keep the three branches separate and unique with their own powers and restrictions. This is shown throughout the three branches responsibilities. The legislative power is given to congress, while the executive power is given to the president, last the judicial power is given to the supreme court. These branches then have their own jobs. *Separation of powers guard against tyranny by making sure no one branch has more power and no one branch holds all the power, preventing
There are those in the profession that believe this rule is archaic and does not hold any value in today’s financial world. Barry Melancon, President and CEO of the American Institute of Certified Public Accountants stated, “The SEC has a right to expect the profession to adhere to the rules; however, the profession has a right to expect the regulatory environment to remain modern.”
Assignment of responsibility for certain functions of the bookkeeping and accounting process ensures that when a problem occurs a specific person is accountable. This, in turn, provides an incentive to that person to do their job correctly because any issue or problem will be their sole responsibility. Splitting duties has a similar impact on employees. By providing a system of checks and balances, i.e. one person keeps the records while another keeps the assets, the chance for fraud is greatly decrease and honest mistakes are easily caught. There are many physical, mechanical and electronic controls that provide further safety for a company’s assets. These include passwords, safes, alarms, security cameras, time clocks and locks (Kiesco et.al, 2008). The use of an auditor or other third party to independently verify the bookkeeping and accounting procedures performed by employees adds another layer of safeguarding to a company’s inter...
There are six principals of internal control that apply to most enterprises. Establishment of responsibility- gives only one employee responsibility over a certain task. Someone is less likely to steal if they are the only person that can be linked back to a task. Segregation of Duties- different people are responsible for related activities and record keeping for assets is kept separate from physical custody of assets. Physical, Mechanical, and Electronic control- Physical
Why is Segregation Duties so important in business? It is only important when the two responsibilities conflict with each other. The concept of the idea is to have another pair looking for errors. The function of Segregation of Duties is to eliminate all possibilities of errors without someone noticing it. The most viable situation that SOD can progress in is placing the other employee duty within in the same department. The responsibilities should be clearly identified and assigned to personnel in the
In turn, the internal controls within a company may be interpreted as the outcome of their risk management procedure established during the ‘planning and budgeting’ process. Lanen, Anderson, & Maher (2014, p. 471) state that “internal controls provide management with reasonable assurance that their company’s assets are protected and the company’s accounting is reliable”. For instance, one procedure that management would have in place that would safeguard the resources of the company is separation of duties. To elaborate, with a strong separation of duties in place within a company, each activity that occurs within the company is fulfilled by more than one individual. As such, this would decrease the likelihood that a sole person would be able to successfully steal or manipulate the company resources in some fashion. In addition, the procedure prevents one person from overseeing all of the operations occurring within one activity, which may prove to be overwhelming. Thus, if an employee is unable to handle a certain aspect of a required duty in a particular activity, then it will be assigned to someone who is qualified (i.e. more
The Company observes the practice of decentralization where the responsibility and authority in all decision-making for the divisions’ operations lie in its respective division managers, except those relating to overall company policy.
if each department will still think of the welfare of the other departments in the
Filing information and documents (manually and using computerised databases) and being able to find them again when necessary. They must also ensure confidentiality of private and sensitive information.
The Application of Separation of Power in the U.S.A – An organic separation of powers.
In conclusion, appropriate principles could lead to clearer interaction and more comparable financial reporting standards without the need of the current rules. The NZ Framework has provided parts of clear and appropriate underlying principles to lead the application of NZ GAAP and other financial reporting standards. However the standards setting movement from ‘rule-driven’ approach to ‘principle-based’ approach is still half-way in New Zealand. How could principles be sufficiently clearly portrayed and put into practice require the profession to think and support. Just as Tweedie (2007, p.7) states, a principle based system will only work if preparers, auditors, users and regulators wish to make it work.
Because members of school administration are entrusted with the management of public funds, administrators must act ethically and with integrity to ensure school funds are utilized responsibly and that policies that affect the district’s financial integrity are closely examined. Therefore, policies, such as approval of expenditures and payroll, finance and goal setting, and the preparation of the budget, that directly impact the financial integrity of a school district should be carefully