Sunday, November 3, 2013

3rd party solutions - Physical Tables with Sudo Access

Buying a 3rd party solution

Software out of the box

Understand the purpose of a software purchase.  People have a business need that a software solution was designed to perform in a logical manner. 

Every software purchase must know the following questions;
  • Is the software by design in compliance with GAAP/GARP?
    • Security Exchange Filings 
  • How does the software support ISO 9000 and ISO 14001? 
    • Quality and Environmental Systems
Example; In any 3rd party solution we build the software to run without any other software and this can only be done if we allow the creation of a customer.  
  • The sole purpose of a customer record in any company; to generate revenue.  
  • Every revenue item on the quarterly financials includes a transaction with a customer.  

GAAP/GARP - regulatory reporting requires a series of key controls be verified before reporting to the SEC each filing period. 

Every company must control the "create, update and archive" process for any customer which includes as many as twelve (12) unique individual types of key controls.

Perhaps you elected to answer the question or the sales representative was not well informed about the software.

Any software with an ability to create a customer, has either negative impacts when not part of the "Corporate Policy and Desk Procedures for Customer create, read, and update".
Any software with an ability to create a customer, has either negative impacts or positive impacts when the feature is turned off and the required for the software to function associated by a service call to the system of record for ERP Master records.  If not authorized, this series will go into solutions that we might have as alternatives to the challenge which protects the customers privacy.  

Segregation of Duties

A key control on both IT and Business roles who are authorized to create, update or archive a master record in ERP.

Physical Tables - db user name and table user name

Database "sudo access" controls breaks this effective control - "ineffective" design control and an inability to do batch transaction processing in the expense (cost) or revenue (benefits) workflows is a key indicator measure of the integrity of a companies resources and leadership competencies. 

Physical Tables - Reference Data Dissemination

Reference Data is dependent upon a physical table to many systems and the connection between Management and Transaction capabilities.

Key controls are designed into the process and considered either "effective" or "ineffective" during an audit.
















Performance of the organization is report externally taking the expenses and comparing them against the revenues in private or cost against benefits in public sector reporting, both report to the Security Exchange Commission. 

Every company or agency in both public and private sectors has a correlation with internal processes related to "accounting close" procedures.  While the formal report is a quarterly activity all actions during the period and in the activities which introduce a change in the ERP system and associated systems into ERP or acquiring from ERP.  

Basically the report monitoring must be designed to logically summarize the expense transactions as the cost are incurred in the life of either operational overhead or build of the offers.  

Why do I strongly urge people work on change, transformation or innovation to use common sense first?

If you are migrating business people from manual or a legacy system to a new 3rd party solution.
If you are changing a 3rd party solution before rolling out the foundation of the solution.
  • You are being asked to perform task that the vendor may not support and may cause the 3rd party solution not to work as designed.  

No comments:

Post a Comment

User Centered Design Blog Statistics

1-62 of 62 A citizen is an individual in an agent role with a population Edit  |  Preview  |  De...