E-Commerce Internal Control Segregation of Duties Checklist

Download Free E-Commerce Internal Control Segregation of Duties Checklist

Cash Segregation of Duties
1) Are responsibilities for collection and deposit preparation functions adequately segregated from those for recording cash receipts and general ledger entries?
2) Are responsibilities for cash receipts functions adequately segregated from those for cash disbursements?
3) Are responsibilities for disbursement preparation and disbursement approval functions adequately segregated from those for recording or entering cash disbursements information on the general ledger?
4) Are responsibilities for the disbursement approval function adequately segregated from those for the disbursement, voucher preparation, and purchasing functions?
5) Are responsibilities for entries in the cash receipt and disbursement records adequately segregated from those for general ledger entries?
6) Are responsibilities for preparing and approving bank account reconciliations adequately segregated from those for other cash receipt or disbursement functions?
7) If EDP is used, is the segregation of duties principle maintained within processing activities?

Financial Reporting Segregation of Duties
1) Are responsibilities for the final review and approval of financial reports adequately segregated from those for the preparation of the reports?
2) Are responsibilities for maintaining the general ledger adequately segregated from those for maintaining subsidiary ledgers?
3) Are responsibilities for maintaining the general ledger adequately segregated from those for the custody of assets?
4) Are the responsibilities for preparation and approval functions adequately segregated from those for journal entries?
5) If EDP is used, is the principle of segregation of duties maintained within processing activities?

Electronic Data Processing Segregation of Duties
1) Is the EDP department independent from the accounting and operating departments for which it processes data?
2) Are duties within the data-processing function as adequately segregated as follows:
a) Systems development (design and programming)?
b) Technical support (maintenance of systems software)?
c) Operations?
3) In smaller and mini-computer installations with limited opportunities for segregation of duties, do procedures for user departments provide the following controls:
a) Utilization of batch or other input controls?
b) Control of master file changes?
c) Balance master files between processing cycles?
4) Do personnel policies of the EDP function include such procedures as reference checks, security statements, rotation of duties, and terminated-employee security measures?