
Post on 30-Jan-2022


SEGREGATION OF DUTIES

Key Activities

Version 6.2.0 – 2019/04

Contents

SD Analytic 01: User creates a vendor and an invoice for this vendor
SD Analytic 02: User creates a customer and an invoice for this customer
SD Analytic 03: User creates a purchase order and receipts the goods or services
SD Analytic 04: User creates a credit memo for a customer and creates a refund for the customer
SD Analytic 05: User creates and approves the purchase order
SD Analytic 06: User creates general ledger account and posts journal entry
SD Analytic 07: User amends vendor bank account number and pays vendor
SD Analytic 08: User pays vendor and performs bank reconciliation
SD Analytic 09: User adjusts selling prices and creates customer invoices
SD Analytic 10: User receives goods and adjusts the inventory levels
SD Analytic 11: User receives goods and writes off inventory
SD Analytic 12: User receipts goods or services and creates invoice

User Creates A Vendor And An Invoice For This Vendor

SD_ANALYTIC_01_SDCS501

Identifies where a user creates a vendor and an invoice for this vendor

ACCOUNTS PAYABLE

Essentials – Segregation of Duties Page 3

Context: There should be segregation of duties between the person creating a vendor and the person creating invoices to that vendor as this will ensure the integrity of the vendor master data is maintained.

Risk: The user could potentially create and ultimately pay fraudulent or fictitious vendors.

Procedure: Identifies where a user creates a vendor and an invoice for this vendor.

Analytic Logic: Extracts accounts payable and vendor data and analyzes processed activities to identify where the same user has created a vendor and also created an invoice for this same vendor.
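An added example (not part of the original document or of the product's own analytic code) of the same-user match that the Analytic Logic describes, written in Python over constructed records. The record layout, the function names `norm`, `find_conflicts` and `summarize`, and the case-folding of user IDs are assumptions; passing a different key, such as a customer number, applies the same match to the other master-data analytics in this document.

```python
from collections import defaultdict

# Constructed sample extracts (not real data); the record layout is an
# assumption loosely based on the output field names listed for the analytic.
VENDOR_CREATIONS = [
    {"user_id": "JSMITH", "vendor_id": "V1001", "date": "2019-03-01"},
    {"user_id": "APATEL", "vendor_id": "V1002", "date": "2019-03-02"},
    {"user_id": "mlee ", "vendor_id": "V1003", "date": "2019-03-04"},
]
INVOICES = [
    {"user_id": "jsmith", "vendor_id": "V1001", "document_number": "INV-1", "amount": 1200.0},
    {"user_id": "JSMITH", "vendor_id": "V1001", "document_number": "INV-2", "amount": 350.5},
    {"user_id": "JSMITH", "vendor_id": "V1002", "document_number": "INV-3", "amount": 90.0},
    {"user_id": "KWONG", "vendor_id": "V1003", "document_number": "INV-4", "amount": 400.0},
    {"user_id": "MLEE", "vendor_id": "V1003", "document_number": "INV-5", "amount": 80.0},
]


def norm(user_id):
    """Fold case/whitespace so 'jsmith' and 'JSMITH ' count as one identity."""
    return user_id.strip().upper()


def find_conflicts(master_events, transactions, entity_key):
    """Return transactions posted by a user who also created the master record."""
    creators = defaultdict(set)  # entity id -> users who created it
    for event in master_events:
        creators[event[entity_key]].add(norm(event["user_id"]))
    exceptions = []
    for tx in transactions:
        user = norm(tx["user_id"])
        # Flag only when the SAME user touched the SAME entity on both sides.
        if user in creators.get(tx[entity_key], ()):
            exceptions.append({**tx, "user_id": user})
    return exceptions


def summarize(exceptions):
    """Count and total value of exceptions per user (the summary views)."""
    summary = defaultdict(lambda: {"count": 0, "amount": 0.0})
    for ex in exceptions:
        summary[ex["user_id"]]["count"] += 1
        summary[ex["user_id"]]["amount"] += ex["amount"]
    return dict(summary)


if __name__ == "__main__":
    hits = find_conflicts(VENDOR_CREATIONS, INVOICES, "vendor_id")
    for hit in hits:
        print(hit["user_id"], hit["vendor_id"], hit["document_number"], hit["amount"])
    print(summarize(hits))
```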

Output Results Field Names: Activity Description, Activity Indicator, User ID, User Full Name, Vendor ID, Vendor Name, Document Number, Document Type, Date, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Name, Company Code

Output Visualization Examples:

Summary of exceptions – user creates a vendor and an invoice for that vendor

Count of exceptions where user created a vendor and an invoice for that vendor

User Creates A Customer And An Invoice For This Customer

SD_ANALYTIC_02_SDCS503

Identifies where a user creates a customer and an invoice for this customer

ACCOUNTS PAYABLE

Context: Maintaining customer master data should be segregated from customer related transactions, such as customer invoicing. This will ensure valid and accurate customer invoices are issued.

Risk: A user who is able to create customers should not be able to create a customer invoice for that same customer, as the details on the invoice could be amended to those of the employee to ensure payment into their own account.

Procedure: Identifies where a user creates a customer and an invoice for this customer.

Analytic Logic: Extracts accounts receivable data and customer data, and analyzes processed activities to identify where the same user has created the customer and also created an invoice for the same customer.

Output Results Field Names: Activity Description, Activity Indicator, Customer Number, Customer Name, User ID, User Full Name, Date, Document Number, Document Type, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Name, Company Code

Output Visualization Examples:

Heat map of amount exceptions of users who create a customer and an invoice

Total amount of exceptions by user and customer name

User Creates A Purchase Order & Receipts The Goods Or Services

SD_ANALYTIC_03_SDCS504

Identifies where a user creates a purchase order and receipts the goods or services

ACCOUNTS PAYABLE

Context: The person ordering goods should not be receiving the goods. Adequate segregation will allow for proper review and approval of transactions as well as preventing possible fraudulent/incorrect orders.

Risk: A user who is able to create purchase orders and receipt those goods or services poses a risk that the user could be ordering such goods or services for their own benefit and without much oversight.

Procedure: Identifies where a user creates a purchase order and receipts the goods or services.

Analytic Logic: Extracts purchase order and goods receipts data, and analyzes processed activities to identify where the same user has created the purchase order and also receipted the goods or services on that purchase order.

Output Results Field Names: Activity Description, Activity Indicator, User ID, User Full Name, Vendor ID, Vendor Name, Document Number, Document Line Number, Line Description, Material Number, Date, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Heat map of total value by material and user

Total value of exceptions by material & user

Pie chart of total value of exceptions by material

User Creates A Credit Memo For A Customer And Creates A Refund For The Customer

SD_ANALYTIC_04_SDCS506

Identifies where a user creates a credit memo for a customer and creates a refund for the customer

ACCOUNTS PAYABLE

Context: An employee should not be able to request a customer credit and process the refund. This eliminates review and approval of credit notes and creates the opportunity for incorrect/fraudulent credit notes.

Risk: A user who is able to create a credit memo should not also be able to create or force a refund to the customer, as this gives the user the ability to pay customers or themselves, which may not seem material at first but could mount and also cause reputational risk.

Procedure: Identifies where a user creates a credit memo for a customer and creates a refund for the customer.

Analytic Logic: Extracts accounts receivable data and analyzes processed activities to identify where the same user has created a credit memo and also created a refund for the same customer.

Output Results Field Names: Activity Description, Activity Indicator, Customer Number, Customer Name, User ID, User Full Name, Date, Document Number, Document Type, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Heat map of total value exceptions by customer and user name

Total value of exceptions by user name and activity

User Creates And Approves The Purchase Order

SD_ANALYTIC_05_SDCS510

Identifies where a user creates and approves the purchase order

ACCOUNTS PAYABLE

Context: Creation and approval of purchase orders should be segregated to ensure accuracy and validity of the purchase order.

Risk: The user could commit the entity into unplanned and unknown purchases that would otherwise not be approved and would need to be fulfilled.

Procedure: Identifies where a user creates and approves the purchase order.

Analytic Logic: Extracts purchase order data and analyzes processed activities to identify where the same user has created the purchase order and also approved the same purchase order.

Output Results Field Names: Activity Description, Activity Indicator, User ID, User Full Name, Vendor ID, Vendor Name, Document Number, Document Line Number, Line Description, Material Number, Date, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Heat map of total value exceptions by user and vendor

Total value of exceptions by user and activity description

User Creates General Ledger Account And Posts Journal Entry

SD_ANALYTIC_06_SDCS511

Identifies where a user creates general ledger account and posts journal entry

ACCOUNTS PAYABLE

Context: The responsibility for creating general ledger accounts should be separated from posting journals to an associated general ledger account. This is to ensure the accuracy and validity of general ledger accounts as well as any journal posted.

Risk: A user could be using newly created general ledger accounts to post one side of journals intended to either overstate sales, create liabilities, affect bank balances or conceal reconciling items or a wide range of transactions.

Procedure: Identifies where a user creates a general ledger account and posts journal entry.

Analytic Logic: Extracts general ledger data and analyzes processed activities to identify where the same user has created a new general ledger account and also posted journal entries to the general ledger account.

Output Results Field Names: Activity Description, Activity Indicator, GL Account Number, GL Account Description, User ID, User Full Name, Vendor ID, Vendor Name, Document Number, Date, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Pie chart of total value of exceptions by GL account

Count of exceptions where user creates general ledger and posts entry

User Amends Vendor Bank Account Number And Pays Vendor

SD_ANALYTIC_07_SDCS502

Identifies where a user amends vendor bank account number and pays vendor

ACCOUNTS PAYABLE

Context: Maintaining vendor master data should be segregated from vendor related transactions, such as vendor payments. This will support valid and accurate vendor payments.

Risk: A user who is able to pay vendors and amend a vendor's bank account number could direct payments to incorrect or their own bank accounts.

Procedure: Identifies where a user amends the vendor bank account number and pays vendor.

Analytic Logic: Extracts accounts payable and vendor data, and analyzes processed activities to identify where the same user has amended a vendor's bank account number and also paid the same vendor.

Output Results Fields: Activity Description, Activity Indicator, User ID, User Full Name, Vendor ID, Vendor Name, Document Number, Document Type, Date, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Name, Company Code

Output Visualization Examples:

Total value of exceptions by user

Count of exceptions where user amends vendor bank account and pays vendor

User Pays Vendor And Performs Bank Reconciliation

SD_ANALYTIC_08_SDCS507

Identifies where a user pays vendors and performs bank reconciliation

ACCOUNTS PAYABLE

Context: Any person allowed to perform payments should not be able to perform the bank reconciliation. This would eliminate proper review and create the opportunity to perform incorrect/invalid payments. The bank reconciliation may also be manipulated to hide errors or fraudulent activity.

Risk: A user who is able to pay vendors should not be able to perform the bank reconciliation function, where one can further hide a fraudulent payment or process the transaction as reconciled.

Procedure: Identifies where a user pays vendors and performs bank reconciliation.

Analytic Logic: Extracts accounts payable and bank reconciliation data and analyzes processed activities to identify where the same user has paid a vendor and also performed the bank reconciliation.

Output Results Field Names: Activity Description, Activity Indicator, User ID, User Full Name, Vendor ID, Vendor Name, Document Number, Document Type, Date, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Heat map of total value exceptions by user name and activity description

Total value of exceptions by user

User Adjusts Selling Prices And Creates Customer Invoices

SD_ANALYTIC_09_SDCS505

Identifies where a user adjusts selling prices and creates customer invoices

ACCOUNTS PAYABLE

Context: The person who creates customer invoices should not be allowed to amend sales prices. This would eliminate proper review and approval of price changes and could result in invalid/incorrect invoicing.

Risk: A user who is able to adjust selling prices should not be able to create a customer invoice with those items because the user could be offering customers unapproved or loss-making prices that ultimately affect profitability and reputation of the entity.

Procedure: Identifies where a user adjusts selling prices and creates customer invoices.

Analytic Logic: Extracts accounts receivable data and sales data and analyzes processed activities to identify where the same user has adjusted the selling price and also created an invoice for a customer for those sales items.

Output Results Field Names: Activity Description, Activity Indicator, Customer Number, Customer Name, User ID, User Full Name, Date, Document Number, Document Type, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Pie chart of total value of exceptions by user name

Heat map of total value exceptions by customer and user name

Total value of exceptions by customer and user name

User Receives Goods And Adjusts The Inventory Levels

SD_ANALYTIC_10_SDCS508

Identifies where a user receives goods and adjusts the inventory levels

ACCOUNTS PAYABLE

Context: Any form of change to inventory levels should be segregated from issuing goods received notes, i.e. receiving of goods. Proper segregation will allow for better review of inventory transactions and provide assurance regarding the accuracy and validity of inventory transactions and the associated inventory levels.

Risk: A user who is able to receive goods and adjust the inventory levels could misuse this ability to misappropriate goods without detection.

Procedure: Identifies where a user receives goods and adjusts the inventory levels.

Analytic Logic: Extracts inventory data and analyzes processed activities to identify where the same user has received goods and also adjusted inventory levels.

Output Results Field Names: Activity Description, Activity Indicator, User ID, User Full Name, Vendor ID, Vendor Name, Document Number, Document Line Number, Line Description, Material Number, Date, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Pie chart of total value exceptions by goods description

Total value of exceptions by user name and activity description

User Receives Goods & Writes Off Inventory

SD_ANALYTIC_11_SDCS509

Identifies where a user receives goods and writes off inventory

ACCOUNTS PAYABLE

Context: Any form of change to inventory levels should be segregated from issuing goods received notes, i.e. receiving of goods. Proper segregation will allow for better review of inventory transactions and provide assurance regarding the accuracy and validity of inventory transactions and the associated inventory levels.

Risk: A user who is able to receive goods and also write off inventory could misuse this ability to misappropriate goods without detection.

Procedure: Identifies where a user receives goods and writes off inventory.

Analytic Logic: Extracts inventory data and analyzes processed activities to identify where the same user has received goods and also written off inventory.

Output Results Field Names: Activity Description, Activity Indicator, User ID, User Full Name, Vendor ID, Vendor Name, Document Number, Document Line Number, Line Description, Material Number, Date, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Total value of exceptions by material description

Total value of exceptions by user and activity description

User Receipts Goods Or Services And Creates Invoice

SD_ANALYTIC_12_SDCS512

Identifies where a user receipts goods or services and creates invoice

ACCOUNTS PAYABLE

Context: Adequate segregation of duties is required between the person receipting goods or services and the person responsible for capturing the supplier invoice. This is to ensure accuracy and validity in the recording of goods and services received.

Risk: A user who is able to receipt goods or services and also create the invoice for these goods and services poses a risk that the user could receipt the goods and services for personal use and thereafter create the invoice which ordinarily would have had some level of external review because accounts payable would vet the invoice before capturing.

Procedure: Identifies where a user receipts goods or services and creates invoice.

Analytic Logic: Extracts goods receipt data and accounts payable data and analyzes processed activities to identify where the same user has receipted goods or services and also created the invoices for these goods or services.

Output Results Field Names: Activity Description, Activity Indicator, User ID, User Full Name, Vendor ID, Vendor Name, PO Invoice Ref Number, Document Number, Document Type, Amount in Document Currency, Document Currency, Amount in Reporting Currency, Report Currency, Company Code, Company Name

Output Visualization Examples:

Total value exceptions by user and activity description

Heat map of total value exception by user and vendor