1 / 29

Segregation of Duties for Infor-Lawson Software A Key Element in the Compliance Lifecycle

Segregation of Duties for Infor-Lawson Software A Key Element in the Compliance Lifecycle. Agenda. A Key Element in the Compliance Lifecycle. Compliance Dashboard. About Us Proactive SoD Reactive SoD Mitigation. About Us. A Key Element in the Compliance Lifecycle.

marisab
Télécharger la présentation

Segregation of Duties for Infor-Lawson Software A Key Element in the Compliance Lifecycle

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Segregation of Duties for Infor-Lawson Software A Key Element in the Compliance Lifecycle

  2. Agenda • A Key Element in the Compliance Lifecycle Compliance Dashboard • About Us • Proactive SoD • Reactive SoD • Mitigation

  3. About Us • A Key Element in the Compliance Lifecycle Committed to your success. • Founded in 1983, Kinsey has provided software sales, implementation, support and development for 35 years. • Lawson reseller and implementation partner since 1997. • Lawson certified systems integrator partner. • Lawson complementary software partner. • Lawson’s “Go to” implementation partner for public sector. • Provide complementary Lawson software products.

  4. Our Solution A Key Element in the Compliance Lifecycle

  5. Segregation of Duties • A Key Element in the Compliance Lifecycle

  6. Effective Segregation of Duties • A Key Element in the Compliance Lifecycle

  7. Characteristics/Benefits of Effective SoD • A Key Element in the Compliance Lifecycle • Built-in model enables SoD enforcement • Violations checked before user provisioning • Your decision to enforce rules or allow violations • Saves time (=money) • Easy set-up using delivered SoD policies • Easy testing for violations • Quick and easy reporting • Reduces auditing effort / costs • Reduces Risk • Enforcing and reporting SoD violations reduces opportunity for fraud

  8. SoD Issues • A Key Element in the Compliance Lifecycle • Limited Functionality • No delivered polices or rules in S3 • No SoD reporting in Landmark • No notifications • No remediation process • Use a Spreadsheet? • How do you: • Ensure the actual access control mirrors the spreadsheet? • The right people access the right data? • Manage change control problems? • Assess impact of changes? • Manage enforcement of SoD?

  9. Segregation of Duties 300 Delivered Policies With our delivered policies covering Asset Management, Cash Management, Closing Procedures, Inventory Control, Order Processing, Payables Management, Purchasing, Receivables Management, and Payroll you will receive immediate benefits from the SOD reports. You can also define your own policies using the SOD admin screen, Over 2,500 Predefined Rules Compliance Dashboard for Infor-Lawson Our Lawson application consultants have defined over 2,200 rules that are used to validate that your security conforms to the 240 SOD delivered policies. You have full flexibility over adding or changing any of the rules. Automatic Email Notifications Once you have defined a report simply add it to our schedule so you can be notified when a security change causes an SOD violation. The Segregation of Duties application is designed to ensure that you have the proper checks and balances built in your security model to prevent fraudulent activity. With the added flexibility of our ad-hoc reporting you can create, save, and email critical reports as needed.

  10. Policies & Rules - Segregation of Duties • A Key Element in the Compliance Lifecycle SOD Policy Library S3 and Landmark Applications Supported 9 Predefined Categories Library includes 300 Policies 2,500+ Rules Policy Ratings Create New Categories Create New Policies Create New Rules Modify any Existing Policy Define rules by Form, Role, Security Class or Field

  11. Proactive SoD • A Key Element in the Compliance Lifecycle Policy Library

  12. Proactive SoD • A Key Element in the Compliance Lifecycle • Objective • Prevent SoD violations occurring during security assignment. • Ensure security policy is enforced long term. Role Modeling SoD Notifications

  13. Proactive SoD • A Key Element in the Compliance Lifecycle SoD Violations Check LDAP EntryClerk Fail EntryClerk APAdmin Pass

  14. Proactive SoD • A Key Element in the Compliance Lifecycle SoD Violations Check LDAP EntryClerk Print Report Fail EntryClerk APAdmin Pass

  15. Proactive SoD • A Key Element in the Compliance Lifecycle

  16. Proactive SoD • A Key Element in the Compliance Lifecycle

  17. Reactive SoD • A Key Element in the Compliance Lifecycle • Objective • Accurately assess existing security for remediation. • Reduce audit time and cost. SoD Reporting SoD Dashboard

  18. Reactive SoD – User Reporting • A Key Element in the Compliance Lifecycle SoD Violations Check LDAP Fail Pass

  19. Reactive SoD – User Reporting • A Key Element in the Compliance Lifecycle SOD Violation Reports User / Policy Conflicts Policy / User Conflicts Composite Roles / Policy Conflicts Role / Policy Conflicts Differences Report Activity Conflicts Microsoft Excel Export Unlimited Saved Reports Scheduled Email Notifications Drill Directly to Security Reports

  20. Reactive SoD – User Reporting • A Key Element in the Compliance Lifecycle SOD Violation Matrix

  21. Mitigation • A Key Element in the Compliance Lifecycle • Objective • Accurately assess existing security for remediation. • Resolve SoD Conflicts • Reduce audit time and cost. SoD Remediation

  22. Reactive SoD – User Reporting • A Key Element in the Compliance Lifecycle SoD Violations Check LDAP Fail Pass

  23. Mitigation – User Reporting • A Key Element in the Compliance Lifecycle SoD Violations Check LDAP Print Report Fail Pass Modify Security

  24. Mitigation – User Reporting • A Key Element in the Compliance Lifecycle SoD Violations Check LDAP Print Report Fail Pass Modify Security

  25. Mitigation – User Reporting • A Key Element in the Compliance Lifecycle SoD Violations Check Monitor User Activity LDAP fnelson Fail Finance Users Pass

  26. Mitigation • A Key Element in the Compliance Lifecycle SoD Remediation

  27. Demo

  28. Applications require a simple dedicated virtual server. • Available for Lawson versions 9.x, 10.x and 11.x. • Supported for on premise or hosted in Lawson environments. • Remote installation is done in 1 to 3 days depending on products selected. • Remote training can be completed is less than 2 days depending on products selected. Implementation

  29. Kinsey & Kinsey, Inc. 26 North Park Boulevard Glen Ellyn, IL. 60137 630-858-4866 g.henson@kinsey.com call 757-621-8236 www.kinsey.com Thank you for attending! We hope you found it helpful!

More Related