From: Kenneth Neish
Case 2 – Application Controls
a) A sales person should not be able to change the selling price of products without management authorization. Each time a product’s price is reduced beyond its sales price the manager should have to physically come up to the register and authorize the transaction. If the company implemented this segregation of duties control the salesperson could not get away with reducing the price of products to increase gross sales. b) A manager or someone else of authority that is not involved in the processing of employee time cards should have the responsibility of reconciling the payroll report every pay period. If someone reviewed this report and compared it to prior periods they would detect major inconsistencies and further investigate the source of error. c) The company should restrict access to sensitive information, like product master files, so disgruntled employees cannot use the information to sabotage the company. This can be accomplished with a physical lock and key or by a password in a computer system. Only authorized employees that have demonstrated their loyalty and honesty, like managers, should be able to access the information. If the master file had been locked away in a room then the disgruntled employee would have never been able to access it. d) In any case where an employee has to change prices for a customer there should be a segregation of duties and authorization function in place. The system should not allow the prices of products to be changed without the authorization of a manager. If a manager had reviewed the entry before the employee had processed it they would have caught the error. e) After a product is prepared for shipment an individual that did not prepare the shipment should be in charge of confirming that the shipment order matches what was included in the bill in the system. This type of preventative control would make it so the...