Summer is coming again. The sun is showing itself, nature is turning green and the sky is blue! There is nothing better than enjoying the sunshine after a productive workday.
By making preparations in time for your authorizations during this vacation period, you can avoid unnecessary stress and overtime. We have listed for you what you need to take into account for a carefree summer!
Temporary rights remain permanent
A few months later, during the audit, you discover that major changes in the authorization structure have not been reversed! As a result, the authorization structure has been significantly changed and is no longer adequate. Restoring the authorization structure is an unnecessary waste of time and money.
This is simply the result of a lack of (proper) authorization management.
You will probably have to (temporarily) adjust the authorizations of employees in connection with leave, vacations or temporary employees. Therefore, we inform you now on how to avoid a stressful summer!
Six steps to a carefree summer:
1. Make a clear schedule: Who goes on vacation when and who is the replacement? What rights does the substitute need? Discuss this with the person going on vacation so that the replacement has the proper rights.
2. Provide clear work instructions: This way it is immediately clear if an authorization notification is the result of incorrect rights or of incorrect execution of a process.
3. Give a substitute the rights in Dynamics NAV under his/her account: NEVER give a password to a substitute. Then it is never clear who did what.
4. Check with the controller whether additional management measures need to be taken: Modifying or assigning rights can cause conflicting rights. This can cause important control measures such as segregation of duties to be broken.
5. Ensure that changes in authorizations are properly recorded: You want to know who has been granted which rights and when. This is indispensable for auditing purposes. (To complement this: is the change log turned on?)
6. Plan an immediate action to revoke temporary rights: Temporary rights should be temporary! With the Authorization Box this can even be fully automated.
Security outside Dynamics NAV
Information security is not just about the ERP system Dynamics NAV / Dynamics 365 Business Central. Chances are that multiple applications are running. For setting up procedures regarding vacations and leave it is wise to consult with the IT manager or application managers to cover the risks present in linked and/or related applications as well.
Want to enjoy a carefree summer?
Then be mindful of the unnecessary risks the company runs by not paying attention to authorizations and security during vacation periods. Want to start the next vacation season without worries and with an authorization structure that is good and stays good? Then think about the above issues and check out our solution for efficient setup and management of authorizations.