We are all concerned with security – in every aspect of our lives. We are especially concerned with security and control when it comes to our business processes.
In the next three blog posts, we are going to spend some time talking about security and controls within your Microsoft Dynamics AX solution. This information applies to both Dynamics 365 for Operations and on premise versions of Dynamics AX. We will outline measures that should be implemented in the interest of providing optimum security for the business processes your organization uses every day.
So, what do we mean when we talk about security and control within Dynamics AX?
We need to understand basic terms as they apply to security and controls in Dynamics AX. Security refers to the features in AX that apply to user application permissions, such as passwords and permissions. These features of security are built into the application. Controls, however, refer to procedures external to the application. A good example of an external control is Positive Pay, in which your bank compares payments with a previous transaction list before processing them.
Organizations should use a combination of Security and Control measures to insure against operational or financial risks.
Business risks to an organization may take different forms. Some are clearly intentional, such as fraud and theft. Others, however might be accidental, like when a summer intern mistakenly creates a new general ledger account and starts posting transactions to it, throwing off your financial statements. A good balance of Securities and Controls will help mitigate both malicious and accidental risks.
With proper security and controls, organizations not only guard against risks, but they can help ensure that management’s decisions are based on accurate and timely data. Controls can improve the visibility of processes. They can also help guard against errors to instill a greater measure of confidence in your teams. Finally, good control help with compliance and save time preparing for audits.
If a business does not concern itself with security and controls, they open themselves up to a host of risks including errors, misstatements, and fraud. In some firms, security oversight has been relegated to the IT team who may have little awareness of overall business processes and goals. This could lead to inappropriate data sharing or users with access they shouldn’t have.
All businesses face risks; these might vary by industry, season, geography, company size, etc. Examples include fires, earthquakes, fraud, theft and financial misstatement. In part two of our blog series, we will talk about how to identify what your risks are, how to define your corporate tolerance, and discuss how they apply to your key business systems.
Read part two of this series: Achieving a Proper Security Environment within Microsoft Dynamics AX