we have a spread sheet that stores unallocated IT stock (e.g laptops in stock, yet to be assigned to an end user). When an order is received the spread sheet is updated with the end user who the laptop was given too. Then this information is finally updated in the formal asset management database. My concerns at present are the people who have access to the stock room also have full control over this spread sheet to update records etc. So in theory you could steal a laptop, but maliciously update the spread sheet to pretend it had been assigned to an end user. I am wondering what kind of process/control could be put in place to ensure this risk doesn't exist, its almost like a separation of duties conflict.