D365 Finance & Operations and Dynamics AX Forum

Expand all | Collapse all

Journal Segregation of Duties

  • 1.  Journal Segregation of Duties

    Posted Jul 15, 2019 05:32 PM
    We are not a publicly held company, however our auditors are still testing internal controls over the journal entry approval process. We are running AX2012. We currently DO NOT use the workflow feature but rather use user groups. There are instances where an employee (based on role and user group) can prepare, approve and post a journal entry. Is there any segregation of duties setting which would not allow the same individual to perform all three functions?

    Second question - I can see how to add a "personalization" to my view posted journal screen to allow the creator, and approver to be listed. However, per our consultants, the only way to obtain the poster is to use the audit trail and then it appears as "creator". Is there any easier way to obtain details on who posted a journal?


    Beth Hillenbrand
    Assistant Corporate Controller
    Plymouth MN

  • 2.  RE: Journal Segregation of Duties

    Posted Jul 16, 2019 02:11 AM
    The basic functionality of Journal "group" approval does not have the feature you're looking for.

    If you want to prevent the submitter from being the approver you'll have to re-do your approval using workflow (or possibly flow)

    Zvika Rimalt
    Functional Consultant
    Vancouver BC


  • 3.  RE: Journal Segregation of Duties

    Posted Jul 16, 2019 04:49 AM
    Hi Beth,

    Against the journal there are 2 options for applying user group settings these are under "Approval" and "Blocking". If you use the blocking user group to restrict who can actually create, complete and post the journals you can then use the "Approval" setting to contain the user group for all the approvers of the journals.
    The only problem is if you have a user that is in both groups then the control breaks down as that person would be able to both create approve and post the journals.

    If this doesn't give you enough segregation then you will have to go down the workflow routes and set it up so that the workflow originator cannot be the approver.

    In relation to your second question, you can use a peronalisation to add in the "modified by" field, this would be the last person to make a change to the journal. This provides who posted the journal because once a journal is posted you cannot change it so that last person to modify the journal must have posted it.  If the "modified by" field isn't available in personalisaton,  just ask your developer to expose it in the background, a simple change to the field in the AOT.

    Mark Bailey
    Application Consultant


  • 4.  RE: Journal Segregation of Duties

    Posted Jul 16, 2019 10:03 AM
    Edited by Alex Meyer Jul 16, 2019 10:07 AM

    As mentioned previously using a workflow is required to do proper SOD with journal entries. If you use workflows, you can use them to help determine who is approving/posting to individual journals without modifying the LedgerJournalTable or LedgerJournalTrans table or placing audit trail on the actual tables. You can do this by looking at the tracking context of the workflow tied to the journal.

    Using the above, I've written a report to report around reporting on the Ledger Journal business process that shows information about the journal itself, who created it, who posted it, debit/credit amounts, voucher and account information. All of this information is pulled directly natively from AX without any customizations or modifications. Using a report like this you can quickly verify if the same user created, approved, and posted a particular journal. A screenshot of the report is below (not all columns on the report are shown):

    An Excel version showing the entire report can be found here: Dynamics AX Ledger Journal Report Example

    Feel free to reach out if you have any questions.

    Alex Meyer
    Director of Dynamics AX/365 for Finance & Operations Development
    Des Moines, IA


If you've found this thread useful, dive deeper into User Group community content by role