MICROSOFT DYNAMICS GP IT AND SECURITY

Leveraging Dynamics GP controls for security and audit compliance

BY PROFESSIONAL ADVANTAGE - 4 October 2022 - 5 MINS READ

Over the course of time, it is inevitable that the data security, control, and audit compliance of an ERP system are reviewed.

If Microsoft Dynamics GP is your chosen ERP system, here are some of the standard functions Dynamics GP that you can take advantage of in terms of implementing system controls.

POSTING CONTROLS

Posting controls offers a multiple approach within Dynamics GP that can be utilised to minimise the risk of transaction posting errors. Below are the following items that are available standard GP functions that can be used.

  1. Require Batch Approval

An option within the posting setup of Dynamics GP can be turned on to enable approval of batch first before it can be posted. A password can be used to have control on postings and the person with the appropriate role can review transactions before they can be posted. A tick box for approval on all batch windows in Dynamics GP is available to mark the batch as approved.

  1. Allow Account Entry option in Account Maintenance

When Allow Account Entry in Account Maintenance window is unmarked, it ensures that only the corresponding module can post transactions to the account. Dynamics GP defaults the accounts from the setup at master files level (i.e. Trade Creditors, Trade Debtors, Banks) and controls the selection of the account during transaction entry in which they are restricted to select the account.

  1. Workflow Approvals

A more comprehensive approach on taking further system controls within Dynamics GP is the use of Workflow Approvals. By turning on workflow approval, transactions and setting up of master records goes through a set of business rules for approvers to approve or reject. With this type of control, segregation of duties is effectively implemented.

SECURITY SETUP

  1. Security Roles and Tasks

Security Roles contain different security tasks which encompasses many security operations. A security operation varies from access to a Dynamics GP window, report, or other custom items. Users can have different multiple security roles assigned to them in different companies providing a great deal of flexibility over their access.

  1. Field Level Security

This allows restriction of functions of fields, with the ability to assign that restriction to a particular user and for a particular Dynamics GP company. Functions such as hiding a field within a Dynamics GP window, requiring password to change default setup values, and disabling buttons are some noticeable features that can be used to restrict data and functions between users.

  1. Account Level Security

This feature of Dynamics GP allows users to view only account codes that are applicable to them. This is commonly seen on scenarios with multiple departments or divisions having their own set of chart of accounts. Controls are in effect at transaction entry, viewing, and posting wherein you can only see the entries that you have access to.

* * * 

To compliment the system controls in place, another item to look at is the audit trail of changes within the system whether on data or system setup. Below are areas within Dynamics GP that you can utilise to track these changes

  1. Activity Tracking

This module offers a function that allows you to view user activity within Dynamics GP. Such activities include logins/logouts, file tracking on data changes, window access tracking, and process and posting tracking. A report is available to be printed to show the tracking for a specific date period or specific user or company.

NOTE: A limitation on this feature is it does not track the change that has been made, instead only showing that there was a change made. Further, each audit takes up space within the database, so managing the audit records is essential to ensure no system performance issues are created. Purging old audit records and keeping only those that are essential to the business is the key to this.

  1. Utilising SQL Triggers and SQL View for Audit Logs

On audits that are identified as high-risk for the company, the use of SQL Trigger and SQL view can be created to customise the tracking on these areas. Reporting of this audit can be viewed via custom SmartList report or SSRS.

  1. Third Party Product

There are a number of full-blown Audit products available for Dynamics GP which provides you with a robust function that can show the essential Ws in auditing: What, When, Who. Some third-party products also have alerts and email functionality for when a change happens.

CONCLUSION

There are different components that set the controls and audits within Dynamics GP. Depending upon the companies’ areas of considerations and identified high-risk security compliance, Dynamics GP offers flexible solutions that best suit and meet each organisation’s requirements.

MICROSOFT DYNAMICS GP COMPLIANCE SECURITY

Write a Comment

Related Posts

"Rumours"
"Rumours"

16 APRIL 2024

Introducing Microsoft 365 Backup
Introducing Microsoft 365 Backup

12 MARCH 2024

The Holistic Microsoft 365 Security Review that lets your business win against cyber threats
The Holistic Microsoft 365 Security Review that lets your business win against cyber threats

20 FEBRUARY 2024

Talk to us

If you would like to learn more, complete the form below and one of our team will be in contact.

Your information will never be shared or sold to a 3rd party,
please read our privacy policy.

 

Latest Blogs

Dynamics 365 for Finance and Supply Chain Electronic Reporting: Create a BPAY Payment File

Dynamics 365 for Finance and Supply Chain Electronic Reporting: Create a BPAY Payment File

23 April 2024
"Rumours"

"Rumours"

16 April 2024
Coaching App: A Not-for-Profit Case Management example on Microsoft Power Platform

Coaching App: A Not-for-Profit Case Management example on Microsoft Power Platform

9 April 2024
Discover Dynaway

Discover Dynaway

26 March 2024