-
Paul M. Dooley posted a new activity comment 7 years, 11 months ago
How have you seen change management work in your organization? What improvement recommendations do you have?
In my prior role at Verizon, change management was always addressed via a memo and then an online flash training that you click through and get a certificate that it was in fact completed. The most important thing that I would recommend…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 11 months ago
Which is more of a risk to a company: inaccurate data or excessive repetitive data? Explain
In accurate data is definitely more of a risk than excessive repetitive data. The accuracy and integrity of data is essential to the workflows that require that data to be accurate, i.e. accounts billable, accounts receivable, etc. Excessive data is…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 11 months ago
Which department or person should play the key role in defining master data and assuring it’s quality?
The accounting group should play the key role in defining master data and it’s quality and should roll all the way up to the top of that organization, CFO, for accountability purposes due to its critical nature. Also, they can ensure that s…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 11 months ago
Master data in an ERP system is highly integrated with various processes and effects many parts of the organization. How does an organization assure this integration works well for all?
Master data is critical for use in ERP systems, To ensure the integrity of the data there must be strict controls in place for those responsible for inputting…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 11 months ago
This article is about problems with the IRS’ online service called “Get Transcript”. This service allowed tax payers to go online and download previous year’s tax transcripts. The service was online from January 2014 to May 2015. The service was abruptly shutdown after they realized that the system had been breached. To counter act the hack, the…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 11 months ago
1. What is segregation of duties and why is it a commonly used control? Give an example of two (e.g. IT) roles that should be segregated?
Segregation of duties is a commonly used control across all organizations because the inherent nature of SOD is to minimize the opportunity to commit fraud. SOD is the principle of separating the individual…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 11 months ago
This article is a little bit older but I thought it was quite interesting regarding a DDOS attack on a hosting DNS provider called DNSimple that was a managed DNS service provider for a number of extremely popular websites such as Pinterest,…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 12 months ago
You’ve used various computer systems in your lifetime, career. System security is complex and often maligned as cumbersome, difficult, bureaucratic, etc. Have you seen these problems in your experience? Explain.
In my most recent experience most applications I’ve had to use for work were web applications and the security actually wasn’t t…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 12 months ago
Consider the list of financial and accounting controls. Rank them. Which to you believe is the most important, the least. Why?
1.Access Controls
2. Documentation
3. Segregation of Duties –
4. Approval Authority
5. Physical Audits
6. Trial BalancesUltimately access control would be the most important from my perspective because it…[Read more]
-
Paul M. Dooley commented on the post, Week 8: Questions, on the site 7 years, 12 months ago
What is the relevance of only being able to have one posting period open at a time for real time postings? What does this prevent from happening?
They only allow to have one posting period open at a time for real time postings in order to prevent fraud and eliminate false reporting. As we know financial statements need to be audited for…[Read more]
-
Paul M. Dooley commented on the post, Week 8: Questions, on the site 7 years, 12 months ago
Do you believe business rely too much on administrators to configure the security protocols in programs like SAP, rather than look for security in the entire network? Explain.
In my experience most of the security efforts have been very much an across the board effort. In order to truly enhance your security posture it would be wise to look…[Read more]
-
Paul M. Dooley posted a new activity comment 7 years, 12 months ago
How would you determine if an organization’s network capacity is adequate or inadequate? What impacts could be expected if a portion of an organization’s network capacity is inadequate?
Network Capacity Planning would be an ideal way to identify if the current infrastructure can support the the amount of resources necessary for the app…[Read more]
-
Paul M. Dooley posted a new activity comment 8 years ago
In a recent survey it is very much highlighted that both awareness and urgency are two major issues surrounding how cyber security and having a response plan in place are lacking, specifically in the EU. It was estimated that over the past 4 years a staggering amount of breaches on businesses occurred, at over 90%. What is equally concerning…[Read more]
-
Paul M. Dooley commented on the post, Weekly Question #7: Complete by November 10, 2016, on the site 8 years ago
How important is it for people responsible for general I/T controls (e.g. Network, workstation, Server and data base security) to know about how the ERP system works? What is one (1) specific thing they should know?
People responsible for general IT controls should have an intimate knowledge of how the ERP system works and what additional…[Read more]
-
Paul M. Dooley commented on the post, Week 7 Questions, on the site 8 years ago
As we’ve seen in the P2P and OTC Processes many different often non-financial business functions are involved with ERP system transactions that post to accounting records. If you are responsible for Finance / Accounting controls for your company how would you manage the risks coming from these non-Financial function jobs?
Segregation of D…[Read more]
-
Paul M. Dooley commented on the post, Weekly Question #7: Complete by November 10, 2016, on the site 8 years ago
Controls are important to financial and accounting processes. What would be different in the controls of a purely domestic US company vs. an international company? Give 1 – 2 specific examples.
2 controls type that would differ from a domestic only business to an international business would be taxes and legal. As we all know, in the US alone t…[Read more]
-
Paul M. Dooley commented on the post, Weekly Question #7: Complete by November 10, 2016, on the site 8 years ago
2. As we continue to learn about business processes and ERP systems we often discuss financial or account related terms and concepts. How much finance and accounting knowledge should IT personnel supporting business applications know and learn? Explain
At a very minimum, the IT personnel supporting these systems should have general knowledge of…[Read more]
-
Paul M. Dooley posted a new activity comment 8 years ago
The article that I selected this week is regarding the massive breach from 2014 of over 500 million customer records were stolen by what Venafi (security consultant brought in after the breach) said was a state sponsored breach by a China group. The records were found for sale on a dark web site called The Real Deal. There are also accusations…[Read more]
-
Paul M. Dooley posted a new activity comment 8 years ago
Salvi was faced with a number of unique challenges he was forced to address by enabling HDFC as an online bank. The first challenge addressed was the dilemma of striking a balance between customer convenience while implementing controls to ensure customer’s mobile and internet banking was secure and maintained their “trustworthiness.” The first…[Read more]
-
Paul M. Dooley commented on the post, Week 4 Questions, on the site 8 years ago
My personal favorite O2C process is used by Wawa when ordering a sandwich. It is very convenient and eliminates the potential of error when entering the initial order since the customer is responsible for inputting the ingredients for the sandwich they are ordering. It also helps streamline the process by giving the order fulfillment employees…[Read more]
- Load More