Maintaining Departmental Financial Computing Procedures
Documentation Requirements for Procedures
Procedure documentation should cover the following:
- Procedures that detail the level and nature of review performed by Chief Administrative Officers (CAOs) and Departmental Security Administrators (DSAs) with respect to the Distributed Administrative Computing Security System (DACSS), which is the application that controls access to the campus financial computing system.
- An approved and dated accountability matrix that summarizes how preparer and reviewer functions have been distributed.
- Signed and dated reviews performed by CAOs with regard to DACSS and DSA activities.
In those instances in which individuals are both a CAO and the primary DSA, the same need for documentation will exist. The only difference is that there will be only one initialed approval instead of two. See "Access to Financial Computing Systems" for more information on the responsibilities of these positions with regard to the financial computing system.
Revision and Maintenance of Procedures
The level and frequency of controlling and monitoring procedures performed will vary from department to department. However, the procedures performed must be sufficient for CAOs to have reasonable assurance that Preparer and Reviewer privileges in DACSS reflect their intentions.
The monitoring of procedures represents an important control that is essential to the effectiveness of the DACSS and Post-Authorization Notification (PAN) systems. The suggested procedures should serve as a guide for units to adopt. Where different measures are adopted, management is required to justify the use of alternative procedures.
A DSA is required to maintain a record of all accountability delegations, and is expected to review the information in DACSS QBD and OASIS/DACSS (as described in "How to Update Financial Computing Procedures") but in a greater level of detail and on a more frequent basis.
On a periodic basis, the Office of the Controller will request that the CAO certify compliance with the UCLA Financial Policy to verify that appropriate controlling and monitoring procedures are performed.