An Audit Report on Financial System Controls at the University of Houston
November 2005
Report Number 06-012
Overall Conclusion
Security controls within the University of Houston's (University) financial system are adequate to protect critical data from unauthorized alteration, loss, or improper use, but further improvements are necessary. The University has enhanced its financial system's security by implementing prior audit recommendations. However, the University can further improve security controls to protect critical data by (1) limiting direct database and high-level user access and (2) logging and monitoring application and database access.
In addition, although the University's financial system controls are effective in ensuring that financial data and reports are materially accurate, certain improvements should be made in classifying purchases, reporting accounts payable, and enhancing financial system input controls and audit trails.
Contact the SAO about this report.
Download the Acrobat version of this report. (.pdf)
If you prefer an HTML version, follow this link to an Adobe site which converts PDF files to HTML.