D365 Finance & Operations and Dynamics AX Forum


How does your organization request security access and look at SOD

  • 1.  How does your organization request security access and look at SOD

    Posted 13 days ago
    Edited by Calvin Eddings 13 days ago
    Does anyone have suggestions for workflow request and approval solutions for requesting access to D365? I need it to help identify SOD risk. Does anyone use Fastpath Identity Manager? I would like to hear feedback about that as a solution.

    Thanks!

    #Security#FinanceandOperations

    ------------------------------
    Calvin Eddings
    The Church of Jesus Christ of Latter-Day Saints
    Salt Lake City UT
    ------------------------------


  • 2.  RE: How does your organization request security access and look at SOD

    GOLD CONTRIBUTOR
    Posted 12 days ago
    Hi Calvin,

    We don't have a workflow in place; however, any access request or modification is approved by our ERP business lead, who is also our director of finance. This is done through email and is less than ideal, but it works for us for now. We don't do audits on a regular basis, i.e. who has what role and is that correct, but we do it randomly and usually remove roles from people rather than adding any.

    I should also mention that we use mainly customized security roles and not the ones that came with D365F&O, and they are named after the job titles, so it's a little easier to know who should have what security access just by looking at their job title.

    Let me know if you have any further questions.

    ------------------------------
    Kerstin Newman
    Business Analyst
    StarTech.com
    London ON
    ------------------------------



  • 3.  RE: How does your organization request security access and look at SOD

    Posted 12 days ago
    Thank you very much for your reply.

    Relating that to my situation - it is helpful to hear who is doing your approvals - I am considering a more centralized approval model like you described, versus a very decentralized approval model currently at many locations and by many people, because I find those people don't understand security enough to really add value or be a 'gatekeeper'.

    That is interesting that you have set up custom roles - the idea of that is daunting for the number of job types we have. We have only done that to provide users to custom code so far. But I have created job profiles that are lists of D365 roles that should be assigned to a given job profile. So far that has proven very helpful - instead of just copying users.


    ------------------------------
    Calvin Eddings
    The Church of Jesus Christ of Latter-Day Saints
    Salt Lake City UT
    ------------------------------



  • 4.  RE: How does your organization request security access and look at SOD

    Posted 12 days ago
    We use Fastpath with AX 2009. It has some limitations - maybe not present with D365 - but it works well enough. I don't know of anything better out there. Make sure to budget a lot of time for configuration and testing. I would recommend talking to a third party about what risks you should be measuring. The out-of-the-box ruleset is fairly limited. I have one particular consultant I can recommend if you message me. One big plus on the Fastpath team - Alex Meyer and others are very responsive to questions.

    ------------------------------
    Ben Green
    Orion Energy Systems
    Manitowoc
    ------------------------------



  • 5.  RE: How does your organization request security access and look at SOD

    Posted 12 days ago

    FastPath has a nice tool for this.  I'm not sure if standard AX does or not.  We have used the tool in FastPath and it's good.

     

    TJ Dennis

    CIO

    Office-(712) 252-6562

    TJ.Dennis@WilsonTrailer.com



  • 6.  RE: How does your organization request security access and look at SOD

    SILVER CONTRIBUTOR
    Posted 12 days ago
    Hello! At Texas Roadhouse we have an Accounting Information Systems team, and an Accountant in that team prepares every security request for AX & the Director of that team approves each request before it goes to IT for the user to be provisioned. That same team reviews a list of SOD items every month & prepares a quarterly user review that reviews the roles assigned to users, critical access, etc. We are on AX 2012 & we have used Fastpath since our go-live, 3 years ago. They have helped us automate our reporting for reviewing SODs & critical access. The Fastpath team provides great support & has helped us work through multiple initiatives within our team. Kayla King from our team has also been working with our auditors on controls around workflow & how we can manage that as well. She also has worked with Fastpath on a lot of our automation. Her email is kayla.king@texasroadhouse.com. Please reach out to her if you would like to discuss more in detail or have any further questions!

    ------------------------------
    Kristal Baird
    Director of Accounting Systems
    Texas Roadhouse
    Louisville KY
    ------------------------------
