Direct Deposit of Royalty Payments Audit Work Program
This direct deposit of royalty payments audit work program focuses on determining whether the sensitive information collected for the direct deposit of royalty payments is properly stored, processed, distributed and accessed by appropriate users. In addition, the scope of this sample audit was further expanded to review access to social security information stored on the AS/400 system.
Audit procedures include: observe process for receipt of royalty owner direct deposit forms and determine whether the mail correspondence submitted by royalty owners reaches the destination in a secure manner; determine what sensitive information is included on royalty owner forms for setup/change/cancellation of the direct deposit process; and determine how and where the royalty owner forms are stored when they are waiting to be entered into (SYSTEM).