Legler Systems Company | Features | Contact Us | Help | Home |

Accounting Software Security Features

The accounting software security features, include user ID, data and accounting controls, described below apply to the online accounting software from Legler Systems Company and results in improved audit control, accuracy and completeness of information stored in the online database.

The major accounting software security features are described below:

  1. Each time a record is changed, the system date, procedure and user-ID that made the change is stored in the record so that any time the record is queried the last user that changed it is identified.

  2. Procedure level access control is implemented for all users that have access to any financial procedure by setting up a User Control Record (procedure DB08) which identifies the user-ID, password and each procedure within each system that user can execute. For data entry procedures, a user can be limited to only query capability with no updating. User level security means that the user must first sign-on to the system (procedure ON) by entering a valid user-ID and password before executing any procedure.

  3. Many codes are user definable, such as GL account and location codes. These codes are predefined by a Code Definition Record (procedure DB01) before a code can be entered and accepted by the system.

  4. A master control record, Company Control Record (procedure DB03), is referenced by all procedures and is used to control the current payroll and accounting periods as well as a number of other key system options used to customize the functioning of the system. Separate Company Control Records can exist for each application to minimize data entry problems (wrong accounting period) at month-end.

  5. User activity is recorded automatically by updating a User Log File (DBSUSR) each time a procedure is executed by the user. Activity reports (procedure DB13) based upon this Log File identify what procedures and when a user performed with execution time shown in hundredth of a second as well as the number of disk accesses.

  6. Departmental level control is available to restrict a user in one department when selecting and processing revenue/expense data.

  7. All clerical procedures produce a hardcopy control or detail report for positive audit trail, except data entry and inquiry procedures.

  8. Multi-level transaction data logging capability for positive audit control. Just deleted records can be written to a separate Transaction Log File (DBSTRN) or the before and after image of all records changed depending upon the setting of the Tranlog-Code in procedure DB04. Procedure DB15 is used to print these changes.

  9. Accounting period control of financial related transactions is provided by a 4-digit number composed of year and month (YRMO) regardless of the date of the transaction. Separate periods can be setup by application by specifying separate Company Control Records (procedure DB03) for each application.

  10. Batch numbers (user assigned or computer assigned as the system date) can be associated with a group of input documents for clerical control and balancing.

  11. Two alternative methods of passing (posting) records from one system to another (direct or indirect) are available as a system option. For example, the AP system can create General Journal Records directly in the GL system (same master file) or can write the General Journal Records to a separate Transfer File (DBSTFR) for subsequent importing by the GL procedure GL13.

  12. File operations are controlled by specifying transaction code on data entry screens to identify the type of disk I/O to be performed for a specific record. A Trans-code of "Q" is used to read a record from disk. A Trans-code of "D" is used to delete a record from the master file. A Trans-code of "M" is used to re-write (modify) a record to disk. A Trans-code of "A" is used to write a new record to disk.

  13. Once a user has signed on to the financial systems, that same user-ID cannot be used to sign on from another terminal without first signing off the original terminal or PC.

  14. Purging of old records is user initiated and controlled within each application module. Whenever old records are purged (physically deleted) from the master file, they are also written to the transaction log file for backup and safety. In this way, the user can control the amount of history to be maintained online.

  15. The user password is automatically encrypted before being stored in the database for added security by the PW command.

  16. Eleven support file names required by various applications are reserved and cannot be entered by the user when defining external print or export files to avoid accidental file destruction. Upper and lower case file names and paths are considered the same.

  17. Any code or master record can be flagged as "inactive" to prohibit the online entry, yet permit it to be used for reporting purposes.

  18. The accounting period control ensures that the correct accounting period is closed, since both the current and prior accounting periods are predefined in the Company Control Record (procedure DB03).

  19. All dates the user can enter must be valid (month and day), as well as fall within a predefined high-low date range specified in the Global Control Record (procedure DB04).

  20. After all hard disk read, write, delete and re-write operations, the file status code (internally set by the operating system) is tested. Any unusual error condition is identified and the file status code is displayed at the bottom of the screen for operator follow-up.

  21. All numeric data, such as dates, periods and dollar amounts are stored in the database in binary or COMP format, which is difficult to interpret directly.

  22. Each data record format in the database (DBSMST) is identified by a unique single character Record-Type code which is part of the primary key of 10 characters. The definition of this primary key depends upon the Record-Type code.

  23. The entry accounting period of a transaction must match the entry period in the Company Control Record (procedure DB03) to ensure the transaction is recorded in the proper accounting period.

  24. Backup copies of CD-ROM accounting data, programs and files can be written to a CD-ROM for off-site storage. The burned CD-ROM can be read on any PC to easily reprint accounting reports, yet not allow the accounting data to be changed.

More Information on the Software Security Features:

To receive additional information on the Legler Systems online accounting software, please e-mail Bill Legler in the San Francisco Bay Area, California or go to the Accounting Software Summary page.

Revision 7.9 - Copyright 2009 by Legler Systems Company. All rights reserved.