Article

Us vs Them: Three Ways to Overcome Organizational Pain Points of Microsoft Dynamics ERP Security Administration

by Andy Snook
President and CEO, Fastpath, Inc., Fastpath Solutions

At Convergence last week, I attended a security or audit session for each of the Microsoft Dynamics ERP solutions.   What I found interesting was that the challenges, questions and complaints were consistent across all 4 groups even though the users were managing different applications and business processes. 

Security administrators across the board seemed to be in an ‘us vs. them' battle against the business process owners.   The business process owners didn't seem to appreciate the complexity of designing, implementing and troubleshooting security.  Security administrators didn't clearly understand the business requirements.  This gap between teams typically results in a large volume of high priority support requests.

The following are ways to bridge this gap, improve security and improve team relations.

  1. Document business processes.   We use the Six Sigma methodology when we map processes.  This approach helps us identify the key steps, key systems and roles involved in each business activity (Fastpath sample process flow).  Make sure that business process owners and security administrators are a part of the mapping exercise.  The result is a breakdown of the key functions in each process that can be more easily mapped to the security keys.   Additionally, the business process maps provide a roadmap for end user documentation and testing scripts.  These are a valuable resource during implementations as well as ongoing development and testing.
  2. Use the available security profiling tools from Microsoft (AX2009, AX2012, GP

    FREE Membership Required to View Full Content:

    Joining MSDynamicsWorld.com gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
    Learn more about us here

    Get full access
Auditing Business Central Convergence 2012 Dynamics 365 Dynamics AX Dynamics GP Dynamics NAV Dynamics SL Security
About Andy Snook

Andy is Certified in Risk and Information Systems Controls (CRISC) as well ascertified in Microsoft Dynamics and SAP.  

He has been designing audit and compliance solutions for over 13 years and has assisted with compliance projects at more than 100 companies. Under hisleadership, Fastpath has grown to support more than 1,000 companies in over 30 different countries and is recognized as an Industry Leader by the Institute of Internal Auditors. 

Prior to his time at Fastpath, Andy was a financial systems implementation consultant for Microsoft Dynamics and an SAP management consultant with Ernst & Young. He graduated from the University of Notre Dame with degrees in Economics and Computer Applications.

More about Andy Snook