An organization’s internal auditor discovers that large sums of money have recently been paid to a vendor that management does not recognize. The IT security department is asked to investigate the organizations the organization’s ERP system to determine how the accounts payable module has been used to make these vendor payments.
The IT security department finds the following security configuration for the accounts payable module:
+New Vendor Entry – Required Role: Accounts Payable Clerk
+New Vendor Approval – Required Role: Accounts Payable Clerk
+Vendor Payment Entry – Required Role: Accounts Payable Clerk
+Vendor Payment Approval – Required Role: Accounts Payable Manager
Which of the following changes to the security configuration of the accounts payable module would BEST
mitigate the risk?
A)
A.
Option A
B.
Option B
C.
Option C
D.
Option D