Jenelyn B.

Ligas

BSA-2

Assignment: Auditing Database System - Problem Report

The following information is stored in two relational database files:

Employee Master file:
-Social Security Number Weekly Payroll File
-Name -Social Security Number
-Address -Hours Worked
-Date Hired -Deductions
-Hourly Wage Rate -Bonus
-Marital Status
-Number of Exemptions

Required:
1. Bogey works in as HR Personnel and Bacall works in payroll. Prepare a database
authorization table that you think is appropriate for Bogey and Bacall for these two files.

Department Personnel Personnel Payroll Payroll

User Bogey Bacall Bogey Bacall
Password Pink Orange Pink Orange
Authority:
Read Y Y N Y
Insert Y N N Y
Modify Y N N Y
Delete Y N N Y

2. Discuss any potential exposure if the right prevention devices are not in place or if Bogey
and Bacall Collude.

The Auditor can select a sample of users and verify that their access privileges stored
in the authority table are consistent so, If the right prevention device is not effective then
bacall should insert fictitious employees and write checks to employees who do not exist
and keep the checks himself. Bacall may be able to pay her friends or relatives more then
they earned by increasing their hourly wage rates. If ever bogey and bacall collude, then
they can perform these tasks. Other controls are needed such as supervisor review of
paychecks or paymaster other than bacall distributing checks.

This study source was downloaded by 100000834699216 from CourseHero.com on 03-08-2022 11:18:57 GMT -06:00

https://www.coursehero.com/file/74939115/ADS-AIS-1docx/
Powered by TCPDF (www.tcpdf.org)