KRONOS Edit and Approval Access - February 2005
KRONOS Edit and Approval Access
Released February 2005
Download the Full Report here
As part of the payroll audit, our office has looked at the levels of access planned for the implementation of the KRONOS time management system. Our specific concern was whether edit and approval access are sufficiently separated to limit the potential for unauthorized changes to time and attendance information.
We found that the system gave too much access to users. When the same users can both make changes and approve them, it creates opportunity for unauthorized changes, and separating these duties for all but a few users is considered an effective control. Other city systems have allowed some employees access to too many functions, allowing former city employees to commit fraud and posing a high risk of additional fraud.
Released February 2005
Download the Full Report here
As part of the payroll audit, our office has looked at the levels of access planned for the implementation of the KRONOS time management system. Our specific concern was whether edit and approval access are sufficiently separated to limit the potential for unauthorized changes to time and attendance information.
We found that the system gave too much access to users. When the same users can both make changes and approve them, it creates opportunity for unauthorized changes, and separating these duties for all but a few users is considered an effective control. Other city systems have allowed some employees access to too many functions, allowing former city employees to commit fraud and posing a high risk of additional fraud.