The Mid City Sales Company manages a discount store that sells most department store items at a discount. The entire accounting system is computerized. Barbara West is in charge of computer operations and oversees a medium- sized computer cluster with 10 support personnel. The present system is based on online input and online accounting processing. All accounting updates are keyed directly into the system and processed immediately. The company’s accounts payable program works as follows: Customer invoices are matched with purchase orders and receiving reports. Assuming that these documents are in order, the chief accountant enters the appropriate information into the accounts payable program. Entering this information results in a computer- generated check (to pay the supplier) and updates the accounts payable. The check is processed by the finance manager, who signs it and then mails it out. To ensure against unauthorized access to the system, both identification number and a password are required before the accountant can request the computer to make a payment on an account. The company’s computer system is such that the operator can access any account from the network operator’s workstation. Over a period of several months, the operator has been accessing the accounts payable system and ordering the computer to make payments to fictitious vendors.

Required
What security measures can be taken to prevent and detect this type of problem?