13 February 2024

Segregation of Duties in Business Central

Permissions in Microsoft Dynamics 365 Business Central are very complex. Besides that it is hard to set up authorizations properly with all your separation of duties requirements, It is even harder to keep the permissions in control after go-live. With lots of changes in your organization and very few tools that help you to get insight in your authorizations, you get easily lost in the dungeons of permissions errors and difficult object names.

Navigating Audits and Internal Controls

So what do you do when your internal control or audit department, or even worse, your external accountant drops by and asks you a few (for the eye easy) questions? Like "Can you show me the setup of your segregation of duties matrix?" or "Can you show me who has permissions to this very important task?". Most companies find it very difficult to get even close to answer these common questions.

The Core Challenges of Permission Management

Now why is that? The main problem normally consists of two parts:

  1. The permission sets are not set up in a structured way, making it difficult to get insight;
  2. There is no proper tooling that helps you in generating permission related reports.

Solving Permissions with Authorization Monitoring

The first problem requires a proper authorization set up project. For the second problem, luckily there is our Authorization Monitoring module in Authorization Box. With Authorization Monitoring, you can easily translate the questions of the accountant to the system and it generates clear permission reports on which you can even register your own internal audit findings. Furthermore, you can define permission conflicts, thereby translating your segregation of duties into the system and monitor those as well. Once you've set this up properly, you can show every stakeholder that you are truly in control of your permissions.

Streamlining Audits with Proper Permissions Setup

When you have a proper set up of permissions and you use the correct tooling, the internal and external audits become standard checks instead of cumbersome, sometimes embarrassing, trajects. If you need any help in investigating how our solutions could help you to improve your level of security, let us know!