|
|
What does ERP Security and
Controls Assurance include?
Controls Assurance include?
Segregation of Duties (SOD) Reports list Users and Responsibilities that violate of SOD Polices based on the assignment of Security Configuration.
Restrictive Functions list Users and Roles that have access to functions that can significantly impact financial results and business operations.
Restrictive Functions list Users and Roles that have access to functions that can significantly impact financial results and business operations.
Sensitive Data list tables and database objects where sensitive data resides. Access to sensitive data such as employee social security numbers, customer credit cards and vendor banking accounts must be protected.
Application Setups Reports help document key setups to “baseline” applications for change controls, support, new deployments, patching and upgrades.
Suspicious Transactions reports list transaction that can lead to fraud, financial losses and inaccurate reporting.
Why do I need this Assurance?
Reduce Financial Misstatement Risks: Unauthorized access to ledger or wrong configurations of Financial Options can lead to incorrect recording of transaction such as revenues and expenses.
Consequences: Must restate and re-file quarterly results.
Safeguard against Losses: Unauthorized access or wrong configuration of Tax Options leads to substantial under collection of taxes can go undetected for months.
Consequences: Must pay taxes due on behalf of customers, plus penalties.
Optimize Business Process: Unauthorized access or wrong configuration of AP Terms not identified by process owner can disrupt Procure to Pay Process.
Consequences: Process Owner and Internal audit team must perform substantial research to provide proof of no ill effect.
Improve Support and Upgrade experience: Funcitonal Leads and IT support teams don’t know which setups change when you upgrade? Which setups are new? Consequences: If unnoticed or unwanted setup values are used, the effort and cost of maintenance and upgrade rises and user dissatisfaction grows.
Consequences: Must restate and re-file quarterly results.
Safeguard against Losses: Unauthorized access or wrong configuration of Tax Options leads to substantial under collection of taxes can go undetected for months.
Consequences: Must pay taxes due on behalf of customers, plus penalties.
Optimize Business Process: Unauthorized access or wrong configuration of AP Terms not identified by process owner can disrupt Procure to Pay Process.
Consequences: Process Owner and Internal audit team must perform substantial research to provide proof of no ill effect.
Improve Support and Upgrade experience: Funcitonal Leads and IT support teams don’t know which setups change when you upgrade? Which setups are new? Consequences: If unnoticed or unwanted setup values are used, the effort and cost of maintenance and upgrade rises and user dissatisfaction grows.
How Does it Work?1. Sign-up for the FulcrumWay ERP Assurance Services. You can sign-up on our website or by contacting us via email. We will send you the agreement, login information and SQL scripts to gather security and controls data.
2. Run Read-Only SQL Script on your ERP database. You will upload the data into our secure site (https) that is hosted at a tier-1 world class datacenter with SAS-70 Type II certification.
3. Within 24 hours, View and Analyze Results in secure portal on-line. You will have unlimited access to reports that can help you analyze your security and controls against our controls library.