Lessons learnt from Satyam fraud by a SAP GRC Consultant
India’s biggest ever corporate
fraud worth of 7000 crores at Satyam Computers proved to be beneficial
for me. It gave me clear understanding of my Job profile and gave me justification
for the way of doing my Job. I always use to wonder why I am creating such
rules which are going to put unnecessary controls and checks over people.
These controls may hamper their efficiency. This may slow down their work.
I work for SAP GRC (Governance Risk & Compliance) application. In this, I design rules to maintain a strict Segregation of Duties (SoDs) in an organization. SoDs are a primary internal control intended to prevent, or decrease the risk of errors or irregularities, identify problems, and ensure corrective action is taken. This is achieved by assuring no single individual has control over all phases of a business transaction. In an ideal system, different employees perform each of these four major functions. In other words, no one employee has control of two or more of these responsibilities. The more negotiable the asset, the greater the need for proper segregation of duties - especially when dealing with cash, negotiable checks and inventories. There are business areas where SoDs are extremely important. For example, Cash handling, because cash is a highly liquid asset. This means it is easy to take money and spend it without leaving a trail of where it went. Any department that accepts funds, has access to accounting records, or has control over any type of asset should be concerned with segregation of duties.
In simple words, each business transaction should be recorded and not a single person should have a control over an entire business process. Especially, every single penny coming into company and going out should be booked and maintained for future. Rules designed by me help my client in maintaining this SoD at every level hence keeping its accounting books clean.
When I look at fraud at Satyam Computers, then I see that I am helping my client to record and monitor every business transaction. In the end, if someone wants manipulate account book then there won’t be much scope for him since every single penny coming to company and going out of company is booked.
Another thing that used to irritate me was several levels of approvals before doing a single change in the client’s system. Now, I can understand that rules designed by me are going to affect many critical business transaction which needs to checked and recorded. This is the reason that I am not allowed to make any mistake. Hence I need so many approvals before putting any rules in the system.
I work for SAP GRC (Governance Risk & Compliance) application. In this, I design rules to maintain a strict Segregation of Duties (SoDs) in an organization. SoDs are a primary internal control intended to prevent, or decrease the risk of errors or irregularities, identify problems, and ensure corrective action is taken. This is achieved by assuring no single individual has control over all phases of a business transaction. In an ideal system, different employees perform each of these four major functions. In other words, no one employee has control of two or more of these responsibilities. The more negotiable the asset, the greater the need for proper segregation of duties - especially when dealing with cash, negotiable checks and inventories. There are business areas where SoDs are extremely important. For example, Cash handling, because cash is a highly liquid asset. This means it is easy to take money and spend it without leaving a trail of where it went. Any department that accepts funds, has access to accounting records, or has control over any type of asset should be concerned with segregation of duties.
In simple words, each business transaction should be recorded and not a single person should have a control over an entire business process. Especially, every single penny coming into company and going out should be booked and maintained for future. Rules designed by me help my client in maintaining this SoD at every level hence keeping its accounting books clean.
When I look at fraud at Satyam Computers, then I see that I am helping my client to record and monitor every business transaction. In the end, if someone wants manipulate account book then there won’t be much scope for him since every single penny coming to company and going out of company is booked.
Another thing that used to irritate me was several levels of approvals before doing a single change in the client’s system. Now, I can understand that rules designed by me are going to affect many critical business transaction which needs to checked and recorded. This is the reason that I am not allowed to make any mistake. Hence I need so many approvals before putting any rules in the system.
|
|
