Tips for QuickBooks: Unique User Profiles Essential for Internal Controls

UserProfilesIcons.png

One of the most important internal controls is also one of the most overlooked. Setting up unique usernames and passwords in QuickBooks for each person involved in your accounting function should be a no-brainer. However, I frequently see companies where everyone logs in as “Admin” and often with NO password!

Why set up distinct users? If for no other reason, companies using QuickBooks can get an audit trail report to track who did what. The audit trail report will show which user created a transaction and when. If a transaction is modified, the audit trail report shows how and when it was changed, and which user made the changes. But if everyone logs in under the same username, there is no way to make those separations.

Another compelling reason for unique user ids is the ability to separate functions. Team members using QuickBooks can be granted access limited to specific areas of the program in which they have duties. Access to sensitive areas like payroll and banking information can be limited to just those personnel who are assigned to perform those duties. Pro and Premier versions of QuickBooks have very general areas of access. The higher-end product, Enterprise Solutions, allows much more detailed access distinctions, including view-only access.

Some might be concerned that an additional license would need to be purchased for each user. However, licenses “seats” in QuickBooks, is based on the number of users who can log in at the same time, not the total number of users. So, if you have five people who need to be in QuickBooks at some point, but not all at the same time, you do not need five licenses.

And of course, each person using QuickBooks needs a unique password known only to him or her. Yet, a surprising number of small business owners balk at that part of the set up. They think they need to know the employees’ passwords. Wrong. There is nothing gained by knowing the employees’ passwords. Your control is established by granting access to just the areas the employee needs to do their job. No supervisory ability is lost by not knowing an employee’s password. An unscrupulous employee cannot hide anything or take unauthorized action simply by having a privately held password.

When the employee’s duties change, the areas of access can be changed. When the employee no longer works for the company or transfers out of the accounting function, the areas of access can be revoked and the password can be reset. (Do not delete the user, because this also deletes the audit trail.)

The importance of separate user logins is not limited to the accounting program. Any online financial account (bank, credit card) should be accessed by user ids distinct to each person. More and more, financial institutions are insisting on it. You should too.