<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=91999&amp;fmt=gif">

SOX Compliance for Dynamics NAV

Review and Report on Risk in Dynamics NAV

Fastpath Assure® is a Software Suite designed by auditors to provide a comprehensive audit solution to automate security, risk management, and compliance (including SOX and J-SOX compliance) for Dynamics NAV. Fastpath Assure helps you answer questions such as:

  • Who has access to your Dynamics NAV data?
  • Where are the risks in their access?
  • What did users do with their access?

Can You Find Your Access Risks in NAV?

In Fastpath Assure the Segregation of Duties (SoD) module pulls user access in NAV, reviewing and reporting conflicts for mitigation.

Segregation of duties may be important for regulation compliance, but it should also be the basis for NAV security. SoD conflict reports show where your risks are and allow you to mitigate conflicts. Instead of spending time trying to create your own ruleset, the SoD module in Fastpath Assure allows you to use our custom-built ruleset designed by auditors specifically for NAV (Navision). Fastpath Assure allows you to create on demand and automated SoD reporting, taking away the manual process.

Knowing where risks exist is a great start, but the next step is to know who exactly has this access. You may have numerous employees with conflicting access, but either risk tolerance or mitigation can't stop someone who shouldn't have access in the first place. Fastpath Assure allows you to run automated access reviews as well to assist in eliminating unauthorized or orphaned users in your Dynamics NAV system.

FEATURES

  • Extensive list of potential conflicts specifically for Microsoft Dynamics NAV
  • Security reporting by user’s access to table data and other securable objects
  • Download to Excel or PDF for analysis and distribution
  • Intuitive and automated system supports continuous compliance
  • Define custom report schedules (daily, weekly, monthly) and send via Excel or PDF attachment
  • Assists in Sarbanes-Oxley (SOX) compliance

Role Conflicts 

NAV-role-conflicts 

NAV-role-conflicts ×

Security Starts & Ends with the User

The Fastpath Assure Identity Manager module securely automates user provisioning from request to application, without the need for IT involvement.

When creating, editing, and deleting users; don’t lose the integrity of your Dynamics NAV security. If user change requests are taking a long time to go through manual approvals and lack visibility into SoD conflicts during user creation, use Identity Manager (IDM) to automate your process. IDM gives a business process owner the power to submit user requests with the exact roles and permissions needed. IDM can run the request against our segregation of duties tool to immediately report any conflicts. Once submitted, the request, with the SoD report, goes through a customizable workflow of approvals based on the user, role, application, or risk level.

Another issue many organizations face is the disconnect of NAV and Active Directory (AD). For NAV 2013 and later, the Fastpath Config AD can link the two, allowing changes in AD to be implemented directly to NAV. Config AD lets the IT department run user provisioning for NAV through AD with abilities to create NAV users from AD users, connect AD groups to NAV roles, and delete users from NAV when deleted from AD.

FEATURES

  • Visibility into SoD risks during requests and approvals with Fastpath Assure integration
  • Helps achieve SOX compliance
  • Multi-level management approval structures
  • Require approvals based on requesting user, requested role, requested application, or SoD risk level
  • Comprehensive reporting on requests and approvals

Role Assignment 

NAV-role-assignment

Change Log is Not Your Only Option

Most Dynamics NAV users know they can track changes made to the system with the Change Log feature. Change Log is also known to slow down NAV performance, be excessive in the data it tracks, and lacks the functionality to show before-change values. This can obviously cause more inconvenience than help for IT and admins.

If you are tired of searching the Dynamics NAV Change log trying to understand where changes were made, then the Fastpath Assure Audit Trail is for you. Audit Trail has out-of-the-box reporting showing the before and after value, who made the change, and the source of the change (at the NAV or SQL level). Another benefit of Audit Trail is that it sits outside of NAV, minimizing system impact.

FEATURES

  • Superior performance and reporting versus native Dynamics NAV Change Log
  • Track all changes to Microsoft Dynamics NAV and other SQL based applications
  • Track changes made from inside external sources and add-on applications
  • Define custom report schedules (daily, weekly, monthly) and send via Excel or PDF attachment
  • Assists in Sarbanes-Oxley (SOX) compliance

View the Audit Trail vs Change Log Comparison Chart.

Data Changes 

NAV-data-changes

Stop SoD Conflicts Before They Exist, User Provisioning

In Fastpath Assure, the Identity Manager module improves access requests and approvals, including the automation of start and end dates.

Sometimes projects arise, employees go on vacation, or something must be done after hours, and these instances cause the need to grant emergency or temporary access to a user. When needed, you should be able to grant this access quickly without sacrificing security, but in most cases, the manual approval process for access requests in NAV doesn't allow for both speed and risk aversion.

With Fastpath's Identity Manager (IDM) you can easily make access change requests and automate the approval process for quicker deployment. IDM lets you set a start and end time-based on the specific needs, and will report any SoD conflicts existing in the new access so risk can be minimized. For further monitoring of what users do with their access, check out the change tracking capability of the Audit Trail module.

FEATURES

  • Schedule Start and Stop times for emergency/temporary access
  • Visibility into SoD risks during requests and approvals with Assure integration
  • Multi-level management approval structures
  • Require approvals based on requesting user, requested role, requested application, or SOD risk level
  • Comprehensive reporting on requests and approvals
  • Helps achieve Sarbanes-Oxley (SOX) compliance

Schedule Access

NAV-schedule-access

Find the Security Conflicts in Your NAV Environment

Whether running security reviews or preparing for an audit, one difficulty can be figuring out which reports are vital and what they need to contain. Creating reports from scratch can take hours and subsequently increase the cost of the entire process. With this in mind, Fastpath includes customizable reports built for the specific needs of Dynamics NAV. Our team of certified internal auditors know what to look for and designed the report templates to include the data necessary for most instances.

Within Fastpath Assure, the Access Review module includes reports for critical access definitions and the SoD module has a user conflict summary. Audit Trail maintains a data management log, tracking archive, purge, and restore commands. Identity Manager includes reports to track the full history of requests and approvals, a necessary review for SOX compliance. These reports and more can be customized to fit exactly what you or your auditors need.

FEATURES

  • Out-of-the-box templates and reports available
  • Extensive list of audit trail templates
  • Security reporting by user, company, screen/form, operation, role
  • Comprehensive reporting on user requests and approvals
  • Intuitive and automated system supports continuous compliance
  • Download to Excel or PDF for analysis and distribution
  • Define custom report schedules (daily, weekly, monthly)
  • Ability to sign off on reports from Outlook inbox
  • Assists in regulation compliance, i.e. SOX, HIPAA, FDA

Schedule Access

NAV-reports 

NAV-reports ×

Audit Trail vs Change Log Chart

What are the benefits of having a solution other than the native NAV tool for an audit trail history? The question that NAV users ask is—Why Audit Trail? Why not use the built in Change Log functionality? See the chart explaining the differences between Fastpath’s Audit Trail and the NAV Change Log. Read More

Best Practices for Audit Trails in Dynamics NAV

You need to track, but you don't want to overburden your system with too many Audit Trails. In this session, we talk about how to take a risk based approach to creating audit trails. We show you real life examples and walk you through the steps to successfully create audit trails. Read More

eBook: How to Choose Audit Trail Software for NAV

Not All Audit Trails Fit NAV Equally! If you need to track changes in Microsoft Dynamics NAV, finding an audit trail software can be easier said than done. This eBook goes over everything you need to consider before making a purchase. Read More
RAPID INSTALL
AUDIT EXPERTS ON STAFF INCLUDING CIA, CISA, CPA & CRISC
SKILLFUL AND ATTENTIVE SERVICE & SUPPORT PROFESSIONALS
UNLIMITED USERS
Key Considerations When Selecting GRC Software | Fastpath GRC

Key Considerations When Selecting GRC Software

Sarbanes-Oxley regulations are complex, but there are ways to simplify it. In this short E-book, Norman Marks focuses on simplifying your controls and other considerations when choosing your GRC software.

Download the Paper

Innovation in User Experience for Automated Controls_2020_Award

GRC 2020's Innovation in User Experience Report

GRC 20/20 Research, LLC (GRC 20/20) provides clarity of insight into governance, risk management, and compliance (GRC) solutions and strategies through objective market research, benchmarking, training, and analysis. Read their report on Fastpath Assure®, the security and compliance platform which won their "Innovation in User Experience for Automated Controls" Award in 2017!

Get the report here!

Others_Template_Role Duty Matrix for D365-1

Dynamics 365FO Matrix


Building roles and implementing strong security in D365FO can be a daunting task, so we created a tool to assist in designing security roles for Dynamics 365 for Finance and Operations.

Get the Matrix!

Others_Template_Access Controls in SAP

Access Controls in SAP - The What and How of SAP Security

Whether you know the importance of access controls or not, implementing and maintaining them can still be a difficult part of your SAP security plan. The audit and security expert, Keith Goldschmidt, goes over what access controls are, how SAP handles them, how you should implement and maintain them, and even suggests some tools to make the process easier on you.

Download the Paper