For every great ERP, there is an employee looking for a way to work the system and make a quick buck. PWC reported in their Global Economic Crime survey that over 52% of fraudulent incidents are committed by insiders.
Research conducted by Q Software found that on an average JD Edwards system, around 8% of users have access that would enable them to commit ERP fraud in the form of inventory manipulation, dummy suppliers, unauthorised payroll data changes… the list goes on.
Balancing security with access is a daily challenge for all businesses, but in particular for those with ERP systems which need to manage complex licensing, permissions, compliance and auditing. Global access for all is no longer an option, so how do you protect your JD Edwards ERP from fraudulent attack?
Q Software’s proven Audit and Security Improvement Plan will help you:
A QCloud Audit (as a Service) is an efficient and reliable way to pinpoint weaknesses in your JD Edwards ERP without putting any demand on your technical team. Simply download the Q Agent, and let it gather the specific information it needs, which is then analysed and an audit report produced.
You’ll be able to talk through the findings with a Q Software security audit expert who will discuss priorities and make recommendations.
To prevent internal fraud, it is critical that controls are in place to monitor, limit and manage user access, which will automatically detect and prevent breaches. Segregation of Duty controls are seldom native in ERP systems, and most companies put in place ‘work-arounds’ using spreadsheets and SQL to satisfy their auditors.
However, this puts a heavy burden on busy technical staff, and the ‘system’ is generally flawed — unable to analyse all access paths or identify access rights violations.
Q Software’s range of specialised tools for managing Segregation of Duties in JD Edwards can help you manage and monitor user access, reducing fraud risk, and improving audit compliance.
The objective of an SOX Audit is to certify that an organisation’s financial statements are a true and accurate reflection of its activities and performance. Part of the audit is a review of internal controls for Access Management and Segregation of Duties. Having to review an ad-hoc solution compiled of SQL reporting and spreadsheets adds time, cost, and will inevitably result in poor audit outcomes.
You can reduce the complexity of your audit, and improve the outcomes with far less effort when using specialised tools from Q Software. And the benefit isn’t just ‘short-term’. Q Software customers report that once they’ve got proven controls in place, future audits are faster, simpler, and more straightforward.
Keep your business out of the “bad news” headlines by implementing controls that protect your organisation, its data, and the interests of its stakeholders. Q Software has a range of detective and preventive SoD controls to help you quickly find conflicts that already exist in your ERP. Where new access is required, potential conflicts can be identified before access is given.
Monitoring for suspicious activity is easy with Fraud Detector solutions which track changes to critical data. And when there is a change that needs to be investigated, an automated alert via email or mobile will notify you when, where, and by whom, instantly. When it comes to detecting fraud, time is literally money! The longer fraudulent activity goes undetected, the more expensive and damaging it can be. Having a system that will sound the alarm the moment something is wrong is serious peace of mind!
Work with the largest and most experienced JD Edwards practice in New Zealand to cost-effectively integrate and manage your business processes
Interested in finding out how we could help your business achieve its potential?
