Whenever more than one person uses a QuickBooks file, separate user names and passwords should be used. This allows QuickBooks to identify the user that creates, edits, deletes, or voids a transaction.
Not only is this a security issue, but it is a training opportunity. If a transaction is entered incorrectly or inappropriately edited or erased, the audit trail in QuickBooks will have that information.
The setup for users in QuickBooks is found at Company->Set Up Users and Passwords->Set Up Users.
Once this menu selection is made, the following window appears.
This QuickBooks sample file has only one user. The Admin user. Every QuickBooks company file will have the Admin user, it is up to you to setup any additional users you need.
Clicking the Add User button will pop up a screen asking for a user name. It will also ask for a password.
Individual users can reset their own passwords at any time. It’s a good idea to set one at the time of setup. This protects the user until they create their own unique password.
The QuickBooks company, of course, can be accessed by several people. Often, the intent of the user setup is to control the areas of QuickBooks available to that user.
In that case, “Selected areas of QuickBooks” would be the logical choice on the above screen.
External Accountant is a user type designed for an outside CPA or bookkeeper. The user-type unlocks certain tools an outside accountant would find useful in a review of a client’s QuickBooks.
Once the selection on this page is made and the Next button is selected, the following screen appears.
You can see the various selections available. The options on this particular screen are for Accounts Receivable only.
In this case, we have given Scott, our new QuickBooks user, access to create and print accounts receivable transactions like invoices.
The checkbox at the bottom of the window determines whether or not the user has access to credit card numbers, if those are kept in QuickBooks. This could open up an entirely new topic.
For our purposes, let’s just state the following: It is a good practice not to keep credit card information for customers if it can possibly be avoided.
It is also a good practice, if some data like this is kept, to restrict to absolutely as few people as possible.
Once the Accounts Receivable screen is complete, clicking Next will bring up a similar screen for Accounts Payable. That screen will have the same choices for access as the accounts receivable screen did.
After accounts payable, the remaining screens appear in this order:
- Checking and Credit Cards
- Time Tracking
- Payroll and Employees
- Sensitive Accounting Activities
- Sensitive Financial Reporting
- Changing or Deleting Transactions
The final screen is a graph summarizing all the choices that have been made in the setup process.
Sensitive Accounting Activities includes things like online banking and creating journal entries. Sensitive Financial Reporting can allow access to all QuickBooks reports including Profit and Loss reports.
Once users are created, we can more easily determine who made changes to the QuickBooks company file.
The audit trail report gives significant information about the history of transactions.
From the red circles you can see the top transaction, check 252 has been edited. The prior state of the transaction, as entered by the Admin user is the second entry on the report.
The Latest version of the transaction, as edited by Scott, is the top entry on the report.
Moreover, the report tells us what changed. The changes appear in bold type. In this case the amount was changed.
The total check used to be $80, it is now $75. If the accounts affected had changed, that would show in bold as well.