Audit Compliance and Internal Audit Analysis for Dynamics



Similar documents
ID: Microsoft Certified Professional Transcript. Microsoft Certification Status. Microsoft Certified Trainer Certification History

Best Practices Report

MINISTRY OF FINANCE, PLANNING AND ECONOMIC DEVELOPMENT THE THIRD FINANCIAL MANAGEMENT AND ACCOUNTABILITY PROGRAMME (FINMAPIII) TERMS OF REFERENCE

The presentation will begin in a few moments

Essentials of Financial Consolidation Applications. A white paper prepared by PROPHIX Software October 2010

U-LINC : Workflow and Notifications Anytime and Anywhere for Microsoft Dynamics GP

The Power of Risk, Compliance & Security Management in SAP S/4HANA

Business-Driven, Compliant Identity Management

Optimizing government and insurance claims management with IBM Case Manager

Statement of Direction

MANAGE. Sarbanes-Oxley Readiness with Microsoft Dynamics NAV. Microsoft Dynamics NAV 5.0. White Paper

Making Every Project Business a Best-Run Business

Engineering Change Management

Microsoft Certified Professional Transcript

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

SAP BusinessObjects GRC Access Control 10.0 New Feature Highlights and Initial Lessons Learned

How To Transform Field Service With Mobile Technology

SOLUTION BRIEF: CA IT ASSET MANAGER. How can I reduce IT asset costs to address my organization s budget pressures?

GOVERNMENT. Helping governments transform public service delivery with efficient, citizen-centric solutions

Leveraging Your ERP System to Enhance Internal Controls

DyNexus Recruiting & Staffing

Reduce and manage operating costs and improve efficiency. Support better business decisions based on availability of real-time information

EXPERTISE FOR WHERE YOU RE HEADED

Database Auditing & Security. Brian Flasck - IBM Louise Joosse - BPSolutions

REAL ROI REPORT MICROSOFT DYNAMICS NAV

Transforming Field Service Operations w ith Microsoft Dynamics NAV

2O/2. distribution. How Much Can You Save With an Integrated ecommerce Approach? By KeCommerce. socius The Power of Partnership

Application Control Effectiveness for SAP. December 2007

ACL WHITEPAPER. Automating Fraud Detection: The Essential Guide. John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances

Welcome To Today s Webinar: Dynamics Insights SM for Microsoft Dynamics AX

XBRL & GRC Future opportunities?

MICROSOFT DYNAMICS NAV

Looking for a fast, easy and effective way to create your company website? Look no further. Kentico CMS

Business Intelligence in Microsoft Dynamics AX 2012

Protection & Compliance are you capturing what s going on? Alistair Holmes. Senior Systems Consultant

REMAN. Microsoft Dynamics NAV for Reman from Level Seven

Pace of Change Broadcast Media. Channel 1 Channel 2 Channel 3

BUSINESS-DRIVEN, COMPLIANT IDENTITY MANAGEMENT USING SAP NetWeaver IDENTITY MANAGEMENT

Microsoft SQL Server and Oracle Database:

Statement of Direction

Essentials of financial consolidation applications

IBM Cognos Performance Management Solutions for Oracle

This RMA solution supports the ability to track: Products that are authorized for return, replacement, repair or simply unwanted. Material movements

Top 10 System Implementation Audit Considerations

Complete Database Security. Thomas Kyte

Portfolio Company Performance Analysis and Reporting Automation

Management Reporter for Microsoft Dynamics ERP. Frequently Asked Questions (FAQs)

Microsoft Dynamics NAV for Government Contractors

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

Whitepaper. The future of. Expense management. Issued January remarkable findings. Powered by:

Harness the power of ReQlogic

Leveraging data analytics and continuous auditing processes for improved audit planning, effectiveness, and efficiency. kpmg.com

Protect the Past, Secure the Future

PeopleSoft Upgrade Post-Implementation Audit

PROCURE-TO-PAY TRANSFORMATION FOR CFOs. Achieving Control, Visibility & Cost Savings.

One solution, countless benefits

GUIDEBOOK MICROSOFT DYNAMICS NAV

ROI CASE STUDY INTACCT CANTO

Application Security Review

GUIDEBOOK MICROSOFT DYNAMICS GP

Managing Invoice Flows: AP automation for Microsoft Dynamics NAV. Bob Monio Director of Global Alliances

ORACLE HYPERION DATA RELATIONSHIP MANAGEMENT

NetSuite OpenAir. The World s #1 Cloud Professional Services Automation Solution. Why NetSuite OpenAir? NETSUITE BENEFITS.

Jet Data Manager 2012 User Guide

Transforming Information Silos into Shareable Assets through Automated Content Conversion

Total Reconciliation Solution (T-Recs ) Enterprise A Control Framework for Governance, Risk Management and Compliance

WennSoft For Construction SOLUTIONS BUILT TO ENHANCE EFFICIENCY, TRACK INFORMATION, CONTROL COSTS AND DELIVER SERVICE AT THE HIGHEST LEVEL

Risk Management in Role-based Applications Segregation of Duties in Oracle

A Blueprint for: Microsoft Dynamics CRM Success

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

Prof. Dr. Nick Gehrke Alexander Rühle

empowering hr and engaging employees with affordable, easy-to-use self-service technologies

A Blueprint for Business Software Implementation Success

Enterprise Enabler and the Microsoft Integration Stack

Feature. Multiagent Model for System User Access Rights Audit

REVOLUTIONIZE YOUR BACK OFFICE DEPARTMENTS NEXT»

NetSuite OpenAir The World s #1 Cloud Professional Services Automation Solution

Equinix Increases IT and Employee Productivity with ServiceNow Cloud-Based IT Service Automation Solution

Scribe Demonstration Script Web Leads to Dynamics CRM. October 4,

Reduce Audit Time Using Automation, By Example. Jay Gohil Senior Manager

Automating Sarbanes-Oxley Compliance Testing for SAP Applications. A Guide to Cost and Time Efficiencies for Annual SOX Compliance Initiatives

Sage CRM Focused Sales Management

Exploring the Spectrum of Accounts Payable Automation Solutions

Minimize Access Risk and Prevent Fraud With SAP Access Control

Document Delivery & Process Automation

Locus IT Services Bangalore INDIA. *MS Dynamics *MS SharePoint *RMS Consulting *Staff Augmentation *Learning

SAP Workflow SWAT (WF-SWAT) Accelerated Automation.

Evolutyz Corp. is a future proof evolution of endless opportunities with a fresh mind set in Technology Consulting and Professional Services.

Transcription:

Fastpath Audit Compliance and Internal Audit Analysis for Dynamics: Better Audit Results with a Reliable, Repeatable Process using Fastpath Fastpath 11107 Aurora Ave. Urbandale, IA 50322 (515) 276-1779 www.gofastpath.com Fastpath. All rights reserved

Table of Contents Contents Executive Summary... 2 The Challenge for Dynamics Users for Internal Audit and SOD Reporting... 2 System Knowledge... 2 Lack of Native Reporting Capability... 2 Tracking All Changes to the Database... 3 Analysis and Documentation... 3 Audit Analysis for Businesses of All Sizes... 3 Continuous Compliance Software Designed for Microsoft Dynamics... 3 External Platform Designed for Microsoft Dynamics... 3 Tracking All Changes... 3 An Exclusive Net Change Analysis Methodology for Continuous Compliance... 4 Better Audits with Better Knowledge... 4 TCO Study... 4 Automating Manual Processes... 4 Easy to Access Reports... 4 Net Change Analysis and Documentation... 4 TCO Overview... 5 TCO Methodology... 5 Research Findings... 5 Audit Compliance and Internal Audit Analysis for Dynamics Page 1

Executive Summary This study examines the costs and effort associated with internal audit and segregation of duties analysis for Microsoft Dynamics users. It focuses on four key areas of audit compliance: - Security access reporting - Audit trail and system monitoring - Segregation of Duties (SOD) analysis - Continuous compliance including mitigation and documentation Fastpath offers a comprehensive audit methodology that allows users of Microsoft Dynamics AX, GP, NAV, CRM and SL to increase the quality of their audit analysis while decreasing the time and cost of preparation. Fastpath has created multiple products to support this methodology and meet audit requirements; Fastpath Assure, Fastpath Audit Trail and Fastpath Audit View. By implementing a continuous compliance solution like Fastpath, customers can make internal audit part of their normal business processes and create an environment that is more transparent and secure. Our research indicates that use of Fastpath audit products can decrease a company s audit preparation costs by as much as 70% while simultaneously decreasing the time spent on preparation by a similar margin. Additionally, these cost improvements are accompanied by better audit results and a more consistent audit reporting and documentation methodology. The discussion below will focus on the following areas of interest: - Key audit and security challenges in Dynamics - An in-depth TCO analysis - A case study of user experiences in business The Challenge for Dynamics Users for Internal Audit and SOD Reporting System Knowledge Segregation of duties (SOD) analysis in a given ERP requires knowledge of the underlying ERP system as well as a company s business processes. The auditor s knowledge of your ERP directly impacts the quality of and time necessary to perform an audit. Not all auditors have the necessary Dynamics knowledge to perform internal security audits, therefore, creating a need for tools to assist in this process. Lack of Native Reporting Capability Most Dynamics products lack the reporting necessary for an adequate SOD and security analysis. The analysis necessary for a successful internal audit includes a review by business process, transaction, form, menu and other ERP specific concepts. Most native reporting, when available, focuses on reporting by user which makes analysis a manual, inconsistent and time consuming process. This method often consists of printing a comprehensive user listing, manually reviewing and identifying individual user access. Audit Compliance and Internal Audit Analysis for Dynamics Page 2

Tracking All Changes to the Database Auditors want to see that a company understands the origin of all changes to key data in their systems and that they can demonstrate the ability to analyze such data as necessary. Whether a change was made from a user within Dynamics, by an external interface from another system or directly by programming against the database, the auditor needs visibility into who made the change, when the change occurred and the associated values. Ideally, this information should be easily queried and allow auditors to request ad hoc reports on an as needed basis. Analysis and Documentation An appropriate SOD review involves analysis and documentation. The first step in this process is to report on potential conflicts followed by documentation of results and potential mitigation to improve business processes. By documenting mitigation and compensating controls in a structured way, the preparation and analysis needs for successive audits are decreased substantially. Audit Analysis for Businesses of All Sizes With use of an automated solution featuring analysis and templates designed for a given ERP, any size organization can streamline their audit preparation and analysis without sacrificing quality. To achieve this goal, Microsoft Dynamics customers need solutions that satisfy the following requirements: - Security analysis designed for each Microsoft Dynamics product - Comprehensive change analysis at the database level - A software application featuring analysis and documentation features - Audit software designed by auditors for auditors Continuous Compliance Software Designed for Microsoft Dynamics Fastpath products are designed to allow customers of Microsoft Dynamics AX, GP, NAV, CRM and SL to easily analyze their security and SOD conflicts as well as document associated resolutions. Fastpath products meet auditor needs for Microsoft Dynamics customers in the following ways: External Platform Designed for Microsoft Dynamics Fastpath products are external.net, SQL Server applications which allow for auditors to get the information they need without logging into the underlying ERP. Fastpath worked with Certified Internal Auditors and software specialists to define potential conflicts that exist within a given ERP whether it is tables in Microsoft Dynamics AX, custom solutions in Microsoft Dynamics NAV or forms in Microsoft Dynamics GP. By including the ERP knowledge within the application itself, Fastpath allows auditors to focus on the analysis and the quality of the overall audit. Tracking All Changes Fastpath Audit Trail tracks changes at the database level from both internal and external sources, presenting the information in a concise and meaningful way. The software is delivered with templates and standard reports for most common business processes, such as Order to Cash and Procure to Pay, Audit Compliance and Internal Audit Analysis for Dynamics Page 3

making it easy to configure and use. Audit Trail configuration can be duplicated for multi-company or multi-installation environments. Tracking changes at the database level minimizes impact to system performance and ensures visibility to all data changes regardless of the system used to make the change. An Exclusive Net Change Analysis Methodology for Continuous Compliance Internal audit is a never-ending effort. Environments change, employees are hired and fired and your audit solutions need to keep up with those changes. Fastpath has developed a methodology which allows customers to reduce necessary audit analysis by leveraging documentation from previous audits. Auditors have the benefit of seeing what steps were taken in the past allowing them to limit their analysis to new conflicts without sacrificing quality. Better Audits with Better Knowledge Fastpath built audit compliance solutions with auditors in mind. By including best practice audit standards and analysis for each Microsoft Dynamics product, Fastpath customers have a solution specific to their ERP; not a general solution servicing multiple, differing ERPs. Customers get the benefit of years of customer and auditor experience that can be invaluable when preparing for external audits. TCO Study Fastpath audit solutions deliver a clear advantage in TCO and ROI over native solutions available for Microsoft Dynamics. Our research suggests that the product will lead to an annual decrease in audit preparation time and cost of as much as 70% with even more dramatic results possible. The primary drivers of the Fastpath advantage are as follows: Automating Manual Processes Currently, in order to perform security analysis for Microsoft Dynamics, customers must rely on a manual process to identify all users that have access to specific transactions. Automation offers a per user savings because the analysis is done by user and must be reviewed during each audit. These savings may be further increased by the time efficiency experienced when compiling necessary audit data and generation of potential conflict reports. Easy to Access Reports Fastpath offers a convenient and user friendly reporting interface. Auditors do not have to involve IT to generate the reports necessary to complete their review because ad hoc reporting is available on a daily, monthly or quarterly basis along with the ability to schedule reports for delivery. Without this reporting interface, identification and preparation of reports required by auditors would need to be prepared prior to their arrival and any follow up reporting would need to be generated very quickly. Net Change Analysis and Documentation With Fastpath s unique net change analysis methodology, auditors can perform exception based analysis which focuses on new or changed data while maintaining access to the complete data set, if needed. This allows auditors to easily identify transactions that present the largest risk and ability to focus on Audit Compliance and Internal Audit Analysis for Dynamics Page 4

critical business transactions. When audits are performed manually, a subset of transactions is used as a sample to represent the broader business, therefore, allowing for greater chance of oversight of significant line items. TCO Overview Fastpath s results are based on interviews with Microsoft Dynamics clients using native Microsoft Dynamics audit functionality as well as those using automated solutions. The aim of the study was to understand the amount of time necessary to perform standard audit functions using both methods and associated resource costs of each approach. Actual costs incurred by any organization may vary, therefore, costs cited in this study should be used only as guidelines. TCO Methodology The study evaluated the cost of audit compliance for an enterprise based on analysis per Microsoft Dynamics user. The results were based on the time spent generating audit reports using native Microsoft Dynamics functionality, time to perform audit analysis and document mitigations for a business of 25 users. The variables in the analysis were number of audits per year, number of Microsoft Dynamics users and cost of resources used for audit analysis and report generation. In the example included, a blended rate for analysis was used for internal and external audit resources as more costly resources would be used for conflict definition and mitigation. As described earlier in the document, there are some necessary reports that are not available for various Microsoft Dynamics products. For those products, there would be additional cost associated with report definition and development prior to the results in this analysis. Research Findings Global Variables Number of audits annually 4 Number of users at Company 25 Hourly pay rate of audit prep and analysis resource 100.00 Hourly cost of resource generating audit reports 36.00 Number of reports requested by auditors each audit 12 Audit Compliance and Internal Audit Analysis for Dynamics Page 5

SOD Analysis Using Native Dynamics With Fastpath First Audit Conflict List Development(in minutes) 2400 60 Average minutes for security analysis & mitigation per User 46 10 Cost for First Audit 5,916.67 516.67 Subsequent Audit Average minutes for security analysis & mitigation per user 46 4 Cost Per Audit 1,916.67 166.67 Audit Report Generation Average minutes to generate each audit report, if possible 6 1 Cost Per Audit 43.20 3.60 Audit Report Analysis Average minutes to perform analysis per report, if possible 5 2 Cost Per Audit 36.00 14.40 Total Costs Per Audit Total Cost for first audit 5,995.87 534.67 Total Cost for subsequent audits 1,995.87 184.67 Total Annual Costs Total Annual audit costs Year 1 11,983.47 1,088.67 Total Annual audit costs Year 2+ 7,983.47 738.67 Annual Savings with Fastpath - Year 1 10,894.80 Annual Savings with Fastpath - Year 2+ 7,244.80 Audit Compliance and Internal Audit Analysis for Dynamics Page 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information