I have just completed a set of automated routines aimed at analyzing the system security reports produced by Dynamics Great Plains 10 with a view to assessing how effectively the User Access Configuration has been implemented and kept up to date. The standard reports produced by the GP 10 system are not user friendly and can take weeks to review manually.
My routines produce a set of reports showing the users with access to privileged functions and also whether there are conflicting duties assigned to users thereby leading to a poor internal controls environment and increasing the risk of irregular activity. For instance, a user with access to 'vendor maintenance', 'creating a purchase order', 'processing a vendor's invoice', and 'printing a check' can perpetrate a fraud quite easily.
These routines are aimed at anyone who is concerned about effective internal controls. In particular, internal and external auditors seeking to assess a company's compliance with Sarbanes_Oxley [SOX]. It may take weeks to review a set of standard system reports manually but my routines can cut this time drastically. In a recent medium sized public company I was able to produce a set of reports for the "purchase-to-pay" and "sales-to-cash" processes in just under two days.
For more information feel free to contact me at email@example.com or 1-416-451-3919
Hi Eckhardtk, I am currently doing some audit work on GP and chanced on your post above. I need information on your set of routines on segregation of duties and require your assistance. Please assist.