RubinBrown Team Member Manual

POLICY CONTINUED Policy Title: Policy Number:

Section: Client Cash Disbursement Policy 1216

Risk Management

QuickBooks Security 41.When using QuickBooks, the audit trail will be utilized for all clients. 42.The QuickBooks administrator must be independent of client personnel. 43.A unique user ID and password must be assigned to each employee. Passwords will not be shared between employees or written down and kept in any open area. 44.Each reporting period must be closed and locked to prevent unauthorized access and changes to prior periods. This must be performed by the system administrator. 46.All employees must log out of QuickBooks anytime they leave their workstation to prevent unauthorized access to client data. Banking System Access 47.Each RubinBrown employee granted access to a client’s banking system must have unique login ID and password. At a minimum, RubinBrown must have unique login credentials as compared to the client or other agents of the client. If this is not possible with the financial institution, documentation will be noted on the Family Office Policies and Procedures template, and this information will be brought to the attention of the engagement partner. 43.Upon termination of a RubinBrown employee with access to a client’s banking system, the client and bank must be contacted immediately to terminate that access. If the firm has a single login for all users, then the existing credentials must be terminated and new ones created by the bank. 44.Signature cards must be established with the bank through coordination with the client. Upon termination of an authorized agent, the client and bank will be notified immediately to remove all access/authority for that person.

RUBINBROWN TEAM MEMBER MANUAL | 137