This is the sixth in our review of the top 10 most used reports which are ERP agnostic, and sharing why they should be in all of our customer's toolkits.
Useful Report #6: Role/Responsibility Business Process Access
In Fastpath Assure we use business processes to group access to business functions, making it simpler to evaluate segregation of duties conflicts. For example, if a segregation of duties conflict is identified between access to the chart of accounts and access to make journal entries, there may be ten security objects that grant rights to journal entries. We wouldn’t show ten different conflicts related to Journal Entries, we would show one, between the chart and journal entries. It’s one conflict, with ten different ways to trigger that conflict.
Grouping security objects into a business process also opens up the opportunity to show where users have access to groups of security settings. For example, identifying a role with access to modify journal entries is much easier when you can select all of the options to modify a journal entry as group by simply reviewing the business processes present in a role.
This report is typically called the Roles Business Process Access report. For ERP’s where role is called something different, we use that name. For example, in Oracle, what would traditionally be named a role, is referred to as a responsibility, so we have the Responsibility Business Process Access report.
The Role/Responsibility Business Process Access report shows each role, business processes inherent in the role, and the related security objects. This is useful for digging to how certain types of access end in roles. When researching how to parse a role into multiple new roles, Role/Responsibility Business Process Access provides the detail to help decide how best to split a role.
Business processes deliver a powerful way to evaluate similar or related security items as a single entity. This bundling of security objects limits the clutter when digging into security settings and allows users to focus on larger security objectives.