Accounting Software Security Features
The accounting software security features apply to the online accounting software
by Legler Systems Company and result in improved access control, audit control,
accuracy and completeness of information stored in the online database (DBSMST).
Procedure DBxx refers to procedure number xx on the Database Control System menu.
The major accounting software security features are described below:
- Each time a data record is changed in the online Master File (DBSMST),
the current system date, procedure number and User-ID that made the change
are stored in the data record, so any time that record is queried the
last user that changed it is identified.
- Procedure level access control is implemented for all users that have
access to any financial procedure by setting up a User Control Record
(DB08) which identifies the User-ID, user password and each
procedure within each system that user can execute. For data entry
procedures, a user can be limited to only query capability with no
updating. User level security means that the user must first sign-on
to the accounting software (procedure "ON") by entering a valid User-ID
and user password before executing any accounting procedure.
- After three attempts to enter a valid User-ID and User-Password,
error message "E228" is displayed and the financial application must be
restarted. This access test provides added security by preventing
automatic hacking programs from determining a valid user password.
- The user password is automatically encrypted before being stored in the
online database for added security by the "PW" command on the
main financial menu. Also, an edit is made to test the strength of the
user password, if weak a warning message is displayed on the screen.
A strong user password contains uppercase letters, lowercase letters,
numbers and special characters.
- Once a user has signed on to the financial systems, that same User-ID
cannot be entered to sign on from another terminal without first signing
off the original terminal or personal computer. This feature is overridden
by setting the Active-Flag to "M" for the User-ID in procedure DB08.
- Many codes are user definable, such as GL account code and location code.
These codes are predefined by a Code Definition Record (DB01)
before a code is entered and accepted by the system. Each group of codes
is defined by a unique Code-Type (e.g. "AC" for account codes and "LC" for
- A master control record, Company Control Record (DB03), is referenced by
all accounting procedures and this master record is used to control the
current payroll periods and accounting periods, as well as other
key system options used to customize the functioning of the financial software.
Separate Company Control Records can exist for each application to
minimize data entry problems (wrong accounting period) at month-end.
- User activity is recorded automatically by updating an indexed User Log File
(DBSUSR) each time a procedure is executed by the user. The activity
reports printed by procedure DB13 are based on this User Log File that
identify the specific procedures and times the user performed them.
The execution time is shown in hundredth of a second, as well as the
number of disk file accesses.
- Departmental level control is available to restrict a user in one
department when selecting and processing revenue/expense data. The
GL account code structure must be defined to support a 2-digit department number
plus a 4-digit account code. Refer to System-Option-26 in procedure DB03.
- All clerical procedures produce a hardcopy control report or detail
accounting report for positive audit trail, except data entry and inquiry procedures.
- Multi-level transaction data logging capability for positive audit control.
Just deleted data records are written to a separate Transaction Log File
(DBSTRN.LOG) or the before and after image of any data records changed are
written to the Transaction Log File depending on the setting of the
Tranlog-Code in procedure DB04. Procedure DB15 is used to print these
data records in the Transaction Log File.
- Accounting period control of financial related transactions is provided
by a 4-digit number composed of year and month (YRMO) regardless of the
date of the transaction. Separate accounting periods can be setup by
application by specifying separate Company Control Records for each
- Batch numbers (user assigned or computer assigned as the system date)
are associated with a group of input documents for clerical control
- Two alternative methods of passing (posting) accounting records from one
application to another (direct or indirect) are available as a system option.
For example, the AP system can create General Journal Records directly in
the GL system (same online Master File) or can write the General Journal
Records to a sequential Transfer File (DBSTFR) for subsequent importing
by the GL procedure GL13 or exporting to an external computer application.
- The online Master File input/output operations are controlled by specifying
a transaction code on data entry screens to identify the type of disk I/O
to be performed for a single data record. A Trans-Code of "Q" is used to
read (retrieve) a record from disk. A Trans-Code of "D" is used to delete
a record from the online Master File. A Trans-Code of "M" is used to re-write
(modify or change) a record to disk. A Trans-Code of "A" is used to write
a new data record to disk.
- Individual transaction records in prior accounting periods (data already
posted to the GL System) cannot be deleted in the current accounting
period using a Trans-Code of "D". An adjustment in the current period must
be made to correct an error in a prior period transaction.
- Purging of old data records from the online database is user initiated and
controlled within each application module by a separate procedure available
to supervisory personnel only. Whenever old data records are
purged (physically deleted) from the online Master File, they are also
written to the Transaction Log File for backup and safety. In this way,
the user controls the amount of history to be maintained in the
- Eleven support file names required by various applications are reserved.
These support files cannot be directly entered by the user when defining
external print file or export file to avoid accidental file destruction.
Uppercase and lowercase file names and paths are considered the same.
- Any code field or master record can be flagged as "inactive" by using
the Active-Flag field to prohibit an online entry, yet permit it to be
retrieved for reporting purposes.
- The accounting period control ensures that the correct accounting period
is closed, since both the current and prior accounting periods are
predefined in the Company Control Record.
- All dates the user can enter must be valid (month and day), as well as
fall within a predefined high-low date range specified in the Global
Control Record (DB04). All date fields are internally stored
in the YEARMODA format (8 digits).
- After all hard disk read, write, delete and re-write operations, the
file status code (internally set by the operating system) is tested. Any
unusual error condition is identified and the file status code is
displayed at the bottom of the screen for operator follow-up.
- All numeric data, such as dates, accounting periods and dollar amounts are
internally stored in the online database as binary (COMP format) in either
2 bytes, 4 bytes or 8 bytes. Binary data is difficult to read and
interpret directly. To view numeric fields requires a record description
(copy member) and computer program to convert these fields to a readable
- Each data record format in the online database is identified by a unique
single character Record-Type code which is part of the primary key of ten
characters. The definition of the primary key depends on the
- The entry accounting period of new transactions must match the entry
period in the Company Control Record to ensure the accounting transaction
is recorded in the proper year and month (accounting period).
- Backup copies of all accounting data, programs and files can be written
to a CD-ROM or USB flash drive or thumb drive for off-site storage. The
burned CD-ROM or USB drive can be read on any personal computer to easily
reprint accounting reports without copying data to a hard disk.
Accounting data on CD-ROM cannot be changed.
More Information on the Software Security Features:
To receive additional information on the Legler Systems online accounting software,
e-mail Bill Legler in the San Francisco Bay Area, California
or go to the Online Business Accounting Software Overview page.
Version 11.8 (2018). All rights reserved by Legler Systems Company.