Territory Stories

February 2008 report to the Legislative Assembly

Details:

Title

February 2008 report to the Legislative Assembly

Collection

Report to the Legislative Assembly; Reports; PublicationNT

Date

2008

Description

Made available via the Publications (Legal Deposit) Act 2004 (NT).

Notes

Date:2008-02

Language

English

Subject

Northern Territory. Auditor-General's Office -- Periodicals; Finance, Public -- Northern Territory -- Accounting -- Periodicals; Northern Territory -- Appropriations and expenditures -- Periodicals

Publisher name

Northern Territory Auditor-General's Office

Place of publication

Darwin

ISSN

1323-7128

Copyright owner

Check within Publication or with content Publisher.

Parent handle

https://hdl.handle.net/10070/223559

Citation address

https://hdl.handle.net/10070/686148

Page content

Auditor-General for the Northern Territory February 2008 Report 69 Department of Health and Community Services cont The system owner advised agreement with the issue raised, but noted that a lack of staff resourcing requires one person to perform both functions. The system owner advised that he performs a monthly review of stock variances for all areas on QANTEL to assist with detecting inappropriate activity in addition to the compensating controls noted earlier. Lack of documentation The audit observed a lack of documentation to enable DHCS to understand QANTELs ability to enforce segregation of duty controls. Discussion with DHCS staff and the vendor gave conflicting information regarding QANTELs ability to limit access to particular functions and what restrictions are in place. Evidence to verify the following functions have been segregated and limited to appropriate personnel was limited: The ability to create purchase orders and receive stock in QANTEL; The ability to add, modify and remove vendors from the QANTEL vendor master listing; and The ability to add, modify and remove inventory master file details from the QANTEL inventory master file. Weaknesses around general IT controls as noted earlier combined with the inability to verify IT application level controls increases the risk of inappropriate and unauthorised access to key information assets and/or acquire stock. This may include via: Unauthorised purchase orders and receiving journals being created; and Details within the inventory master file (e.g. minimum inventory re-order levels) becoming inaccurate.


Aboriginal and Torres Strait Islander people are advised that this website may contain the names, voices and images of people who have died, as well as other culturally sensitive content. Please be aware that some collection items may use outdated phrases or words which reflect the attitude of the creator at the time, and are now considered offensive.

We use temporary cookies on this site to provide functionality.
By continuing to use this site without changing your settings, you consent to our use of cookies.