- During your audit of ABC Sports, Inc., a retail chain of stores, you learn that a programmer made an unauthorized change to the sales application program even though no work on that application had been approved by IT Management. In order for the sales application program to work, the programmer had to make modifications to the operating software security features. The unauthorized change forced the sales program to calculate an automatic discount for a customer who happens to be the brother-in-law of the programmer. The customer and the programmer split the savings from the unauthorized discount. The programmer modified the program and returned it to the librarian, who placed it into the files for live productions use. No other information was forwarded to the librarian.
What recommendation do you have for the management of ABC Sports to prevent this from recurring? Explain why you believe the suggested internal control improvements will prevent problems in the future.