An ERP system is used to support a variety of business processes. It is used by various departments and therefore provides a wealth of information and opportunities. But you do not want every user in the system to have the same rights. Think for instance about placing orders or paying invoices. But how can you ensure this in your ERP system without impeding your employees in carrying out their work?
Define your business roles
It starts with a detailed definition of the business roles of your employees. This is an important prerequisite for making proper use of your ERP software. What tasks do your people perform and what information requirements and options in the ERP software go along with that? By mapping this you know what functionalities and what rights your employees need regarding the ERP system. Are you not happy with this? Then do not take away functionalities and rights in the ERP software, but change the business roles.
Segregation of Duties
In many companies segregation of duties plays an important role. Segregation of duties is the concept of requiring at least two individuals in your organization (with conflicting interests) in order to complete a process or task. This reduces the likelihood of errors and abuse. Segregation of duties should also be set up in the ERP software:
1. First make a clear definition of the segregation of duties.
2. Remove any possibilities and rights of your staff in the ERP system in order to achieve the segregation of duties.
3. Perform regular checks to find out if the segregation of duties is still defined well and whether the software is still set up properly.
Authorizations do not solve everything
You cannot avoid problems just by setting the right permissions and authorizations in the ERP system. There are many other causes of fraud or mistakes. No clearly defined business roles, incorrect policies and procedures, poor system security, errors in data conversion, poor maintenance of sensitive data, etc. If you stay alert and perform regular checks on this, you will reduce the risk of abuse and mistakes significantly.
Hems van Heek is Managing Director of Dysel and has extensive experience in assisting customers in optimal use of ERP software.