Streamline Segregation of Duties and Auditing
Pinpoint the gaps in your JD Edwards EnterpriseOne security
JD Edwards EnterpriseOne security is very complex and there are many routes by which users can access applications.
This makes it very difficult to find out exactly what users can access and what they can do when they get there. Without that information, you can’t reliably find and fix gaps in your security.
Audit Manager analyzes your security and gives you accurate information about your vulnerabilities.
Segregation of Duties reporting without the pain
Audit Manager enables you to hold your Segregation of Duties (SoD) rules within your JDE environment and run regular audit reports to identify users with access rights that violate your SoD policy.
Where SoD conflicts are found, you can drill down to investigate and remediate the issues, or, if appropriate, apply fully documented mitigating controls.
Make your IT security audit go smoothly with fast access to accurate information
Audit Manager includes standard reports and enquiries, and our powerful reporting bundle ReportsNow for QSoftware provides:
- advanced, flexible reporting which enables you to slice and dice results for easier analysis, prioritization and remediation
- Interactive dashboards to keep you informed of critical risks, urgent issues and significant trends.
Watch a short demo
- Reduce the risk of fraud or error
- Reduce your audit costs
- Accurate information with a fraction of the effort
- Keep your system clean with regular reporting
- Monitor trends - check progress on improvements or highlight new issues
- Rapid implementation - start producing reports within a few days
Results are accurate and current, rather than based on data exports.
All information, including your SoD rules and reports, is held within your JDE system, so it is secure, auditable and there’s never any doubt about whether you have the correct version, unlike with spreadsheets.
We supply a set of SoD rules developed in conjunction with experienced auditors, or you can maintain your own.
Rules can be applied at Object (program), Duties (groups of Programs) or Role level, so they can be as granular as you need.
The Single Risk Object rule lets you monitor access to high risk programs (such as Bank Accounts or Next Numbers) which enable a user to commit fraud.
Mitigations with start and end dates can be applied to accommodate temporary breaches of SoD rules – for example, when employees need to cover for absent staff or vacant posts.
Active Mitigations will be taken into account in SoD reports, thereby avoiding false positives.
2 types of Net Effect Enquiries – Application Security and Row Security – quickly show you whether a user can access particular applications or data items, and at what level the prevailing security is held.
They display the applicable security settings at all levels (ie *Public, Role and User) and calculate the Net Effect to show you whether the User can access the specified item or not.
Compare current results with previous reports to monitor progress on improvements or detect new issues that may need investigating.
Includes predefined reports which make it easier to review your SoD model, analyze SoD violations, manage remediation work and provide evidence for your auditors.
An interactive dashboard enables managers to monitor trends, be informed of urgent risks, and dig deeper to investigate specific issues.