Running Head: ACCOUNTS MANAGEMENT 1

Accounts Management

Name

Institution
Accounts Management

Account management is one of the most crucial aspects of every business. The accounts hold essential data that determines many elements of the company. Therefore, maintaining and auditing these accounts is crucial to ensuring that the systems hold correct data and information. Auditing such systems is also vital because it aids fraud detection and control, for instance in scenarios where the data of departed employees is still within the account systems. Senior management should always act promptly to ensure that the resources required to support accounting operations and monitoring processes are available. Similarly, for the accounts information system to be effective, it requires security and management strategies that keep the systems up to date (Kim & Solomon 2016). Strategies that can aid in implementing standard processes to ensure the effectiveness of the accounts include principles such as least privilege, separation of duties, need to know, and personnel changes within an organization.

Least Privilege

One of the best strategies for assessing current account management and implementing standard processes is the principle of "least privilege." That the accounts of departed employees remain within the company implies that the systems are quite flawed. Hence, measures must be put in place to mitigate occurrences of unwanted issues such as fraud. These could be caused by many individuals accessing the accounts and tampering with the data, because the systems are accessible to everyone. The least privilege principle is the concept and practice of restricting access to accounts and computing processes to only the persons or resources required to carry out legitimate routines (Kim & Solomon 2016). It acts as a security measure that thwarts risks that could otherwise hit the organization through the provision of wrong data. These risks typically turn out to be very costly and harmful to individuals and the company at large. Least privilege is therefore applicable in this case, as it ensures that users are granted access permissions only according to their level of duties (Gordon 2015). This limits access and ensures that unauthorized individuals do not access information they should not, or add and process bogus information.

Similarly, weak control of the accounts could allow an individual to enter a retired employee's details, creating "ghost workers" whose salaries are channeled to other individuals. Applying this principle reduces the risk of attackers gaining control of critical account information systems and sensitive data by compromising a low-level user account (Miller 2016). Thus, it helps contain a compromise of the accounts and stops it from spreading further.

Separation of Duties

A possible cause of fraud within an organization is one person being delegated to carry out a particular duty alone, without any external assistance. To ensure that the security of the accounts systems is not compromised, the separation of duties principle is also useful. Separation of duties means refraining from assigning a responsibility to one person alone, or from having only one individual handle the custody and acquisition of assets as well as the record-keeping. In such a scenario, the authorization of access is differentiated from duties. The separation of responsibilities prevents an individual from both creating and approving their own work (Kim & Solomon 2016). In accounting, this is one of the effective methods of fraud management, since the information also has to be verified by others; thus, an individual cannot add and process the financial data of a departed employee. This ensures that in cases of fraud, collusion cannot occur between individuals, as they have incompatible responsibilities (Albrecht et al. 2011).

It also ensures that there is dual control of accounts as well as split knowledge of the information and data about the employee (Gordon 2015). Implementing dual control as one of the security measures for the accounts ensures that more than one individual carries out a process or transaction. Split knowledge ensures that one individual does not have access to both, minimizing the chances of fraud (Albrecht et al. 2011). For instance, when dealing with payrolls, one person could compile the gross and net pays of the payroll while another verifies the names and calculations. This keeps the payroll clerk from increasing the pay of some employees, as well as from creating and paying fake or departed employees. Again, this ensures that the authorization of a transaction is separated from its processing (Hall 2012). The separation, in this case, is crucial as it assures that the correct inventories are made.
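The payroll control described above can be checked mechanically during an audit. The following is an added example, not part of the original essay: it reconciles a payroll run against an HR roster and flags departed employees, ghost workers, and entries prepared and approved by the same person. The record layout, field names, and all sample data are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass(frozen=True)
class PayrollEntry:
    employee_id: str
    prepared_by: str  # who compiled the gross and net pay
    approved_by: str  # who verified the names and calculations

# Constructed HR roster: employee_id -> termination date (None = still employed).
ROSTER: dict[str, Optional[date]] = {
    "E100": None,
    "E101": date(2024, 3, 15),  # left before the pay period
    "E102": None,
}

# Constructed payroll run for the pay period starting 2024-04-01.
PERIOD_START = date(2024, 4, 1)
PAYROLL = [
    PayrollEntry("E100", "clerk_a", "clerk_b"),
    PayrollEntry("E101", "clerk_a", "clerk_b"),  # departed employee still paid
    PayrollEntry("E102", "clerk_a", "clerk_a"),  # preparer approved own work
    PayrollEntry("E999", "clerk_b", "clerk_a"),  # payee unknown to HR
]

def audit(entries, roster, period_start):
    """Return (employee_id, finding) tuples in the order entries are checked."""
    findings = []
    for e in entries:
        if e.employee_id not in roster:
            findings.append((e.employee_id, "ghost worker: not on HR roster"))
        else:
            left = roster[e.employee_id]
            # Paying someone who left before the period began is the
            # departed-employee case; pay for a period partly worked is not.
            if left is not None and left < period_start:
                findings.append((e.employee_id, f"departed {left.isoformat()}"))
        # Authorization must be separate from processing.
        if e.prepared_by == e.approved_by:
            findings.append((e.employee_id, "no separation of duties"))
    return findings

if __name__ == "__main__":
    for emp, finding in audit(PAYROLL, ROSTER, PERIOD_START):
        print(emp, finding)
```
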

Need to Know

The fact that various individuals, especially in top management, have the right to know certain information poses a high risk to the accounts information. These individuals always have access to the account details, yet they have no sole duty or assigned responsibility for the accounts processes. When individuals have separate responsibilities, it implies that they do not have full access to the various tasks being performed. In such a case, to access certain aspects, one must be granted access to obtain the information. Thus, the need to know concept means precluding people from accessing information that they do not require to perform their duties (Kim & Solomon 2016). Applying this concept reduces the probability of inappropriate handling of data or incorrect release of information. As an illustration, even though the CIO has the mandate to view a financial overview of the first quarter of the year, the CFO could decide that the CIO does not necessarily have to be aware of the information and hence choose to restrict access. Thus, providing the required information only on a "need to know" basis is critical, as it gives only the intended people the opportunity to access the data, and only when the need arises. In this way, it keeps information from falling into the wrong hands; thus, much misappropriation and interference with crucial aspects of the accounts information systems cannot occur (Hall 2012). Hence, restricting access to the account details to specific individuals helps address cases of departed employees remaining within the systems.

Personnel Changes within the Organization

When individuals stay within an organization for an extended period, they usually get used to the internal system controls. They are acquainted with the everyday running of the accounts systems within the organization and might even end up keeping track of various occurrences. For instance, such an individual may have full knowledge of the details of certain employees, such as a thorough understanding of which employees were sacked or have retired. Such people, embedded in the systems, are therefore better placed to carry out an outright fraud. Individuals might also collaborate in carrying out a fraud, since they have vital details of the account information (Kim & Solomon 2016). However, when changes are made, especially between departments, an individual begins learning a new environment in which they do not have the history of the employees in that department, and hence compromising the accounts systems and details becomes difficult. One way of achieving this is job rotation. In this case, the chances of several employees colluding to carry out a fraud are reduced (Gordon 2015).

Account management is one of the most crucial aspects of a business. Thus, the activities related to its processes require close surveillance to control elements such as misinformation, fraud, and interference with the accounts systems. This can be achieved by limiting individuals' access to the accounts. Only then are the intended people alone in a position to carry out any transactions, preventing compromise through external interference. Through the separation of duties, access to the various processes and information is not entrusted to one individual, which reduces cases such as departed employees remaining within the systems. Similarly, embracing "need to know" and changing personnel within the organization are sure ways of increasing the security of the accounts.


References

Albrecht, W. S., Albrecht, C. O., Albrecht, C. C., & Zimbelman, M. F. (2011). Fraud examination. Cengage Learning.

Gordon, A. (2015). Official (ISC)² Guide to the CISSP CBK. Auerbach Publications.

Hall, J. A. (2012). Accounting information systems. Cengage Learning.

Kim, D., & Solomon, M. G. (2016). Fundamentals of information systems security. Jones & Bartlett Learning.

Miller, M. (2016). What Is Least Privilege & Why Do You Need It? | BeyondTrust [Web log post]. Retrieved from https://www.beyondtrust.com/blog/entry/what-is-least-privilege
