Five Steps to setting up your ERP Security
For your ERP system to work as effectively as you had hoped when you embarked on the project to replace or upgrade your existing systems, an often overlooked aspect is the application security.
When the project team just gets their hands on the new application, its like receiving a long-anticipated Christmas gift. You can not wait to start using it and capturing Test Information that matches your Company Data to start mapping the processes you will use in the new application.
For the first phase of the project – set up a security role that gives the project team rights to everything in the application except the Systems Configuration where your Systems Admin will set up the users, and define the security roles and apply updates and patches.
For the second phase of the project – be sure to involve the Compliance Team early in the conversations to document what is to be treated as “Not Allowed” or “Warning” when you review the Segregation of Duties information as related to the access users have in the system.
For the third phase of the project – setup security roles to match the processes identified by the project team for implementation. Setup Granular security roles that you combine into a functional role. The rights to create a purchase requisition will most likely be needed by multiple functional teams in the business – set it up once and reuse it – this will reduce the maintenance needed if there is ever a need to adjust.
For the fourth phase of the project – be sure to use the security roles that were set up to match the identified business processes used during your user acceptance testing and training sessions. This will ensure the users that will be using the application to get training will be using the rights they will have in the application.
For the fifth phase of the project – your team must review the segregation of duties often. Ensure that the support team for the ERP Application understands and appreciates the need to keep the security roles clean and not to let this turn into a picnic basket with a little bit of everything.
Director: Applied Research in Management Cybernetics at North-West University, South Africa
4 年ERP Security 101... A good roadmap to ensure that security does not fall by the way side. Nicely summarised, Ilona.
IT Coordinator at Eldorado Gold Quebec
4 年Nice article Ilona. ERP security is often overlooked during an implementation project and not enough time is allocated to this really important and sensitive subject before go live.
IFS Senior Business Analyst at WIA Systems Inc
4 年Solid, thorough and well thought out plan that will save endless hours of headaches when setting up security properly and methodically from the very beginning. Thanks for sharing Ilona!!