What is segregation of duties? A quick definition for those of you who don’t know — segregation of duties is the principle that no single person is given authority to execute two conflicting duties. It is designed to prevent fraud and error by splitting the responsibilities between different people. One person could claim expenses while another would approve them. Another example would be separating roles that manage cash deposits from customers and reconciliation of those deposits with sales records. While we were discussing this topic within our team, one team member proposed a fun analogy: what if we explained segregation of duties, or separation of duties, within Dynamics GP as if it were The Hunger Games?
Relating Segregation of Duties to The Hunger Games
We’re not suggesting you throw all your GP users into the conference room and see who makes it out alive. Rather, humor us and pretend for the next five minutes that you find yourself in Panem, the futuristic civilization created by Suzanne Collins in her book trilogy.
For those that didn’t fly through the books or watch the movies (here’s the trailer), Panem is comprised of 13 districts. Each district is responsible for providing specific goods or services for the entire country, such as transportation, power, lumber, textiles, etc. This works because everyone sticks to their expertise and the result is harmony in the country. That’s the point we’re trying to make, not the whole fight-to-the-death part.
Now, imagine what those 13 districts would look like if they were users in Dynamics GP: Payroll clerk, Payroll manager, Payables clerk, Payables manager, and so on. Each user has their own responsibilities that contribute to a system that runs smoothly and efficiently while minimizing the risk of fraud. Let us show you how you can implement segregation of duties in Dynamics GP and create harmony between the metaphorical districts.
Define the districts.
Firstly, you would need to separate the one task into two or more phases, jobs, or components. The goal is that no one individual should have complete control over a process. For example, there are two districts in the system for Payables Invoices and Payables Checks. One district enters invoices in Payables Transaction Entry and Purchase Order Entry. The other district enters checks in Select Computer Checks and Payables Manual Payment. What are your districts?
Create a process for segregation of duties.
Once you’ve defined your districts, you can create a process in Dynamics GP to help segregate the duties. In the example provided above, you would need to create two Group IDs in Segregation of Duties. To do this, you can either import in a Security Task or by importing in a previously defined Segregation of Duty Group. Then, define and assign the Exclusions. A user should not be able to do another user’s task, duty, or responsibility. In order to keep the districts separated, you would need to create an Exclusion ID between the two of them.
Ensure your districts are segregated and running efficiently.
Running and reviewing reports can help you identify where a conflict exists for the user(s) between the groups you have set up to be excluded from one another. You can check the Segregation of Duties Conflicts report and the User Segregation of Duties Conflicts report to see if any tasks overlap. The Segregation of Duties Conflicts report is per Exclusion and will tell you all of the Users who have access to at least one of the Forms selected in each of the two districts that have an exclusion between them. The User Segregation of Duties Conflicts report is per User and Exclusion, which will tell you when a User has access to at least one of the Forms selected in each of the two districts that have an exclusion between them.
Add an extra layer of security.
To aid segregation of duties and enhance your security, Auditor can help you track, audit, authorize, and report changes. Adding Auditor to Dynamics GP, you would have the ability to ensure specific changes are authorized with built-in E-sign electronic signature, require users to write a note of explanation when they change or update a field, and track data changes at the table or SQL level. Learn more about Auditor here or schedule a one-on-one demo to see if it really can help you separate duties.