You use an ERP system to support a multitude of business processes. It is used in various departments and therefore offers a wealth of information and capabilities. But you don't want every user in the system to have the same rights. Consider, for example, placing orders or paying invoices. But how do you secure this in your ERP system without hindering your employees from performing their tasks?
Define your business roles
It starts with accurately defining the business roles of your employees. This is an important requirement for making good use of your ERP software. What tasks do employees perform and what information needs and capabilities in the ERP software belong to them? By mapping this, you will know which functionalities and which rights your employees need. Does this not satisfy you? Then don't take these capabilities in the ERP software away from them, but change the business roles.
Separation of functions
In many companies, segregation of duties, also known as Segregation of Duties, is commonplace. Segregation of duties involves dividing tasks within an organization so that multiple people (with conflicting interests) are needed to complete a process. This reduces the chance of errors and abuse. Separation of functions must also be set up in the ERP software:
1. First, provide a clear definition of segregation of duties.
2. Remove capabilities and permissions from your employees in the ERP system o.k. job segregation.
3. Check regularly that the separation of functions is defined correctly and that the software provides for it.
Authorizations don't solve everything
You don't prevent problems just by setting authorizations correctly in the ERP system. There are numerous other causes underlying fraud or mistakes with far-reaching consequences. No clear business roles, incorrect policies and procedures, poor system security, data conversion errors, poor maintenance of sensitive data, etc. By being alert to this and continuing to monitor it, you significantly reduce the risk of misuse and errors.
Hems van Heek is Managing Director of Dysel and has extensive experience in assisting customers in optimal use of ERP software.