The organization of authorizations is one of the most important services of 2-Control as part of internal control. The following describes how we support organizations when setting up the permissions in Microsoft Dynamics NAV.
Set up authorizations
An adequate division of functions contributes to the reliability of data processing. In ERP packets, the separation of functions is performed based on the authorizations. This also prevents users (by mistake) from changing important settings or other data. However, the importance of a thorough authorization structure is often insufficiently emphasized, which causes the organization of the authorizations to get too little attention or even to expire in implementation.
Authorization cycle in Microsoft Dynamics
The goal is to set up the authorizations with the preconditions that they fit into within your organization rolls and profiles and ensure adequate division of functions within the current administrative organization (AO). To be able to meet the goal, a phased approach is taken. Each phase is completed with the completion of a (formal) document.
After conducting interviews with core users, an authorization design is made. Next, the roles (also called tasks) are built and tested. Here it will be clear which access rights are assigned to a user. During the construction and unite test, Quality Assurance (QA) checks on the quality and progress of the translated designs.
Add-ons for Microsoft Dynamics
The default authorization options in Microsoft Dynamics are incomplete and do not give insight into the quality of the authorizations. From the +20 years of experience in IT auditing and the substantive knowledge of Microsoft Dynamics NAV, a unique set of add-ons has been developed in the field of compliance focused on security and control. With the developed software (add-ons for Microsoft Dynamics), design and management of authorizations are more precise and simpler. Click here for our authorization solutions.