Taking Microsoft Dynamics GP Beyond the Security Scramble

September 8 2015


About Mark Polino

Mark Polino is a Certified Public Accountant (CPA) and a former Microsoft MVP (2007-2018) for Business Solutions. He is the author or coauthor of 5 books related to Microsoft Dynamics GP.  Mark also maintains the Dynamics GP focused website DynamicAccounting.net. He speaks and writes regularly about ERP related topics. Mark has been a controller and CFO for a division of a publicly traded company and he has  worked as a consultant implementing ERP solutions. Mark holds additional certifications including Certified Information Technology Professional (CITP), Certified in Financial Forensics (CFF) , Chartered Global Management Accountant (CGMA). Dynamics Credentialed Professional for Dynamics GP 2015 (Core Install and Core Financials), Xero Certified. He holds a bachelor's degree in accounting from the University of Central Florida and an MBA from Rollins College. Mark lives with his family in Florida.

More about Mark Polino


JoeBrown's picture

I have a problem with Role Centred Security as a concept... Not every organisation has the segregation of duties implied by roles and some employees do bits of one and parts of another. Tailoring access to the parts of the system that specific users need and the functions they are allowed to perform is a nightmare.

DonPugh's picture

I agree that the out of the box security from Microrost is a nightmare, and very difficult to manage with. To resolve this, I have developed a security matrix that is designed to ease the management of security for GP, and enhances Segregation of Duties. For each of the modules , GL, AP, AR, etc there is are about a dozen tasks such as (for GL): Create GL Account Create/Edit JE Post JE, View GL information Year End close, etc. For AP would be Create/edit vendor Create AP transaction Post AP transaction Etc There are 10 to 20 roles defined such as GL Accountant, Senior Accountant, Controller, AP clerk, etc. The above tasks are assigned as appropriate to these roles. So in one Excel workbook and the roles and assigned tasks can be seen and managed The big effort was to assign all the operations (windows/reports) to the above tasks, and to test and validate them. I also have VBA/Excel code that will import the operations/tasks/roles and export the security tables. Email me if you want more information. Don

jherzog's picture

Don, I would be interested in more information about your efforts to identify and assign the operations, testing and validation. We recently upgraded to GP2013 and I think this would be a good time to re-visit our internal GP security architecture. Thank you, Joanne Herzog jherzog@gcpud.org