Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft Dynamics NAV: Tips and tricks for security methodologies Andy Snook and Nate Boettcher Fastpath, Inc.

Published byBasil Cummings Modified over 8 years ago

Similar presentations

Presentation on theme: "Microsoft Dynamics NAV: Tips and tricks for security methodologies Andy Snook and Nate Boettcher Fastpath, Inc."— Presentation transcript:

1 Microsoft Dynamics NAV: Tips and tricks for security methodologies Andy Snook and Nate Boettcher Fastpath, Inc.

2 Agenda Introductions Common challenges Planning Deploying Testing Troubleshooting Auditing

3 Introductions

4 About Andy President of Fastpath Certified in Risk and Information Systems Control 17 years experience in financial management systems 10 years experience in systems auditing

5 About Nate Applications Engineer at Fastpath 5 years experience in software development 3 years experience in Microsoft Dynamics

6 About you Microsoft Dynamics NAV Version Role Security admins Finance Audit Regulatory compliance SOX FDA DCAA LMNOP

7 Common challenges

8 Access security is low priority for the project team Everyone is SUPER! Security is the domain of IT/Sys Admin not BPOs Expensive customisations in place of security Process controls not part of the design No consideration of segregation of duties Dilution of ‘go-live’ security design Inability to report on current security setup

9 Planning

10 Avoid the house that Jack built Implementation and upgrade time is perfect Start with process not with technology Include roles, systems, risks and controls End result is a role matrix

11 Six Sigma Process Map

12 Role matrix

13 Segregation of duties Have a methodology Build rules (email me for ISACA SOD set) Balance preventative vs. productivity Don’t forget about process controls The goal is a blend of security and controls

14 Deploying

15 NAV 2013 Security Model

16 Deploying – Moving from your plan to NAV – Out of the box permission sets – Use as templates – S&R-Q/O/I/R/C – Create sales orders etc. – S&R-Q/O/I/R/C,POST – Post sales orders, etc. – BASIC

17 Testing

18 Utilize your plan from planning stage Have at least one person for each employee type Validate each process for permission errors Troubleshoot any permission errors Rinse and repeat

19 Troubleshooting

20 Manual Application Test Toolset – Code Coverage Tests Easy Security Lite Task Recorder using SQL Sever Profiler

21 Auditing

22 Don’t set and forget Take a risk based approach to reviews BPOs should review access Monitor SUPER access Update processes, rules and matrices

23 Questions? snook@gofastpath.com @snookgofast boettcher@gofastpath.com @nboettcher

Download ppt "Microsoft Dynamics NAV: Tips and tricks for security methodologies Andy Snook and Nate Boettcher Fastpath, Inc."

Similar presentations

Project Management with VIVA PPM Tool (Project Portfolio Management)

Project Management with VIVA PPM Tool (Project Portfolio Management)
Implementing Tableau Server in an Enterprise Environment

Implementing Tableau Server in an Enterprise Environment
OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.

OPERATING EFFECTIVELY AT WESD. What is Internal Control? A process designed to provide reasonable assurance the organizations objectives are achieved.
Efficient, Productive Solutions SECURITY SOLUTIONS for LAWSON SOFTWARE Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to.

Efficient, Productive Solutions SECURITY SOLUTIONS for LAWSON SOFTWARE Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to.
Efficient, Productive, Time-Saving Solutions TRANSACTION AUDITING Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to view.

Efficient, Productive, Time-Saving Solutions TRANSACTION AUDITING Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to view.
Phone: (919) 573-6132 Fax: (919) 677-8470 21CFR Part 11 FDA Public Meeting Comments Presented by: M. Rita.

Phone: (919) Fax: (919) CFR Part 11 FDA Public Meeting Comments Presented by: M. Rita.
Visual Studio Team System (VSTS). Richard Hundhausen Author of software development books Microsoft Regional Director Microsoft MVP (VSTS) MCT, MCSD,

Visual Studio Team System (VSTS). Richard Hundhausen Author of software development books Microsoft Regional Director Microsoft MVP (VSTS) MCT, MCSD,
The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions.

The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions.
OAUG SOX Panel Krista Ladd Oracle Applications Manager Silicon Image, Inc.

OAUG SOX Panel Krista Ladd Oracle Applications Manager Silicon Image, Inc.
1 Software Requirement Analysis Deployment Package for the Basic Profile Version 0.1, January 11th 2008.

1 Software Requirement Analysis Deployment Package for the Basic Profile Version 0.1, January 11th 2008.
Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.

Building Enterprise Applications Using Visual Studio ®.NET Enterprise Architect.
1 SAP Security and Controls Use of Security Compliance Tools to Detect and Prevent Security and Controls Violations.

1 SAP Security and Controls Use of Security Compliance Tools to Detect and Prevent Security and Controls Violations.
Audit and Security for Microsoft Dynamics GP Andy Snook

Audit and Security for Microsoft Dynamics GP Andy Snook
1 Copyright © 2014 PPM 2000 Inc. SINGAPRORE, AUGUST 2014 Denis O’Sullivan, CPP INCIDENT MANAGEMENT TECHNOLOGY CHALLENGES.

1 Copyright © 2014 PPM 2000 Inc. SINGAPRORE, AUGUST 2014 Denis O’Sullivan, CPP INCIDENT MANAGEMENT TECHNOLOGY CHALLENGES.
Shooting The Moving Target…… Internal Controls & Segregation of Duties (SOD) Session Code: 503 Jasvir Gill, Virsa Systems Donnie Looper, Eastman Chemical.

Shooting The Moving Target…… Internal Controls & Segregation of Duties (SOD) Session Code: 503 Jasvir Gill, Virsa Systems Donnie Looper, Eastman Chemical.
© 2011 Financial Operations Networks LLC AP Policies and Internal Controls for Running a Tight Ship Panel: Susan Tinkler-Muller Mike Iverson Rob Rogers.

© 2011 Financial Operations Networks LLC AP Policies and Internal Controls for Running a Tight Ship Panel: Susan Tinkler-Muller Mike Iverson Rob Rogers.
G RADUATE PROJECT IT Policy and Audit FA13-900 D’Mico Johnson.

G RADUATE PROJECT IT Policy and Audit FA D’Mico Johnson.
1 ‘Title’ Deployment Package for Profile X Version X – Month-Day-20XX.

1 ‘Title’ Deployment Package for Profile X Version X – Month-Day-20XX.
Efficient, Productive, Solutions Thank you for taking the time to view our presentation. I’ll be your guide on how our Segregation of Duties application.

Efficient, Productive, Solutions Thank you for taking the time to view our presentation. I’ll be your guide on how our Segregation of Duties application.
Segregation of Duties for Infor-Lawson Software 1.

Segregation of Duties for Infor-Lawson Software 1.

Similar presentations

Ads by Google