Term
authorizing
processing
recording
reviewing transactions |
|
Definition
Key duties and responsibilities in _____, ______, ______, and _______, should be separatged among individuals. |
|
|
Term
show what alternate internal controls are established in an attempt to prevent fraud and embezzlement |
|
Definition
If any specified separation of duty is not possible, what actions should be taken? |
|
|
Term
Air Force Financial Management (FM) system users & Defense Finance & Accounting Services (DFAS) FM system owner |
|
Definition
The Comptroller Access Guide (CAG) was a result of negotiations between whom? |
|
|
Term
o This position is primarily responsible for accesses to systems
o They will periodically reconcile the actual system access with supporting documentation to account for all personnel with update access, account for all DD Form 2875s, and account for the correct access level |
|
Definition
What are the duties of the Terminal Area Security Officer (TASO)? |
|
|
Term
o Advise and assist the user and management to explore all alternatives
o If the decision is to pursue CAG approval, the QA manager will work with management to complete the attached “Request for Multiple Access” form |
|
Definition
List duties of QA Manager regarding a multi-system access conflict. |
|
|
Term
o Approve the multiple accesses by signing the Request for Multiple Access form and the DD Form 2875
o It is a statement to the system’s owner there are no reasonable alternatives to the multiple accesses
o Comptroller takes responsibility for controls over the user’s systems actions and measures are in place to prevent fraud
|
|
Definition
List duties of Host Base Comptroller. |
|
|
Term
Monitoring Internal Controls |
|
Definition
What is the key to ensuring systems accesses are proper and fraud is prevented? |
|
|
Term
FSO or FMA Chief will perform this reconciliation based on system applicability |
|
Definition
If the system does not have a local TASO/Sec Admin, who will perform this reconciliation based on system applicability. |
|
|
Term
o Validate the TASO/Sec Admin is reconciling system access with supporting documentation, both for personnel accountability and correct level of access.
o Cross check the TASO/Sec Admin reconciliations to ensure no unauthorized multiple system accesses, and that authorized multiple systems access are properly documented, justified, and approved.
o Monitor and test the compensating controls specified in the Request for Multiple Access.
o Validations will be conducted on a no-notice basis to the greatest extent possible, but at least semiannually the QA manager will produce a written report to the comptroller with the results of the previous three items and an assessment of the system access internal controls health.
o Ensure all departing/reassigned FM’ers with systems access update capability out process through the QA manager. |
|
Definition
List duties of QA Manager |
|
|
Term
Administrators
TASO / Sec Admin
Trusted Agents |
|
Definition
Who is the first point of control granting accesses within their systems? |
|
|
Term
o CAG was a result of negotiations between Air Force Financial Management (FM) systems users and Defense Finance and Accounting Service (DFAS) FM system owner
o It addressed our base-level FM offices requirement to support multiple system access with limited manpower
|
|
Definition
What is the Comptroller Access Guide (CAG) |
|
|
Term
|
Definition
Who initiate request for system access on DD Form 2875? |
|
|
Term
o Review the request per their normal policy and procedures to ensure system control and separation of duties
o Do not allow excessive system access as identified in para 3 below
o Coordinate the request with the Quality Assurance (QA) manager to ensure there are no conflicts with other accounting, entitlement, or disbursing systems |
|
Definition
What is the role of the Terminal Area Security Officer (TASO)? |
|
|
Term
o Advise and assist the user and management to explore all alternatives
o If the decision is to pursue CAG approval, the QA manager will work with management to complete the attached “Request for Multiple Access” form
|
|
Definition
If there is a multi-system access conflict, the QA manager will:
|
|
|
Term
the actual system access with supporting documentation to account for all personnel with update access, account for all DD Form 2875s, and account for the correct access level |
|
Definition
TASO is primarily responsible for accesses to systems. They will periodically reconcile which records? |
|
|