Choosing the Right Tools for Auditing Activity Inside Dynamics GP

Author: Ryan Pekrul

Auditing Changes in Dynamics GP-Blog Header

Change…

It is something that every organization faces.  Whether it is the change of a business process, change of personnel, change of a software solution or change of data within a software.  Some types of change are more complex than others, but even something as simple as the changing of data within a system can result in a significant amount of resources being expended.  Frequently determining the how, why, when and who behind the change will take exponentially longer than the actual change itself.  In order to reduce the effort spent on answering these questions we will review the key features of the tools available for Dynamics GP that will help audit the system.  Our goal is to provide you with a succinct snapshot of the options available for Dynamics GP and help narrow down the correct solution for your organization.  Below are four options that will help you answer these questions.

 

Option #1:  Dynamics GP – Activity Tracking (GP Feature)

Highlights:

  • The software is included with the Dynamics GP Licensing.
  • The solution provides the tracking of:
    • User Logins (successful/unsuccessful)
    • System Access (windows/reports a user accessed)
    • File Access (Additions/Deletions/Modification made to setup or master data)
    • Process Auditing (who/when a maintenance, utility or routine was initiated)
    • Posting Auditing (who/when a posting process was initiated
  • It provides a high level of granularity in its’ reporting (field level tracking is not supported).
  • The reporting is delivered natively in the system (requires a Dynamics GP license).
  • All tracking data is stored within Dynamics GP (purge utilities provided).
  • The tracking options are configured on a per user and per company basis.
  • The solution provides passive auditing and does not provide eSignature features within Dynamics GP or allow for entry of a reason at the time of a change.

 

Option #2:  Fast Path – Audit Trails (3rd Party Solution)

Highlights:

  • The software is purchased on an annual subscription basis, based on the # of Dynamics GP users.
  • The solution provides field level auditing for changes that originated within and outside of Dynamics GP (table/field level and schema level for any SQL table/database in the instance). The solution does not provide field level auditing from the GP screen itself.
  • Pre-configured audit templates are available out-of-the-box to reduce configuration time.
  • Audit reporting is delivered via a web portal, which allows for scheduled delivery of reports and allows for eSignature for report reviewers.
  • All audit data is stored temporarily within Dynamics GP, then moved to a dedicated database, nightly, to aid with system performance (archive/purge utilities provided).
  • Auditing is configured on a per field, per table, per company basis (filters to support conditional auditing based on users, event type, originating system, etc.).
  • The solution is a modular platform that offers products for other security/compliance related needs, at an additional cost (AD synchronization, user provisioning/security workflow approval, segregation of duties reporting, etc.).
  • The solution provides passive auditing. It does not support eSignature features within Dynamics GP, email notifications at the time a change occurs or entry of a reason at the time of a change.

 

Option #3:  Rockton – Auditor (3rd Party Solution)

Highlights:

  • The software is purchased outright based on the number of Dynamics GP users (annual maintenance fees apply).
  • The solution provides field level auditing for changes that originate both within the system (field level audit from the GP screen or SQL table) and outside of Dynamics GP (field level for any SQL table/database).
  • Audit reporting is delivered primarily within Dynamics GP Smartlist (system allows for notifications and emailing to administrators at the time a change occurs).
  • All tracking data is stored within Dynamics GP (archive/purge utilities provided).
  • Auditing is configured on a per field, per table, per company basis (filters available to limit based on users, event type, etc.).
  • The solution supports configuration for both passive and interactive auditing. It includes features to support eSignature within Dynamics GP and allows for entry of a reason at the time of a change.
  • The software also includes segregation of duties reporting (requires manual configuration of security conflict rules).

 

Option #4:  Merit Solutions – Audit Trails (3rd Party Solution)

Highlights:

  • The software is purchased outright based on the number of Dynamics GP users (annual maintenance fees apply).
  • The solution provides field level auditing for changes that originate both within the system (field level audit from the table) and outside of Dynamics GP (field level audit from the table).
  • The solution only supports auditing of tables included in the GP dictionaries only and will not support the auditing of custom tables added directly to the GP databases.
  • Audit reporting is delivered within Dynamics GP via SmartView window (similar to Smartlist functionality).
  • All tracking data is stored outside of the Dynamics GP system in a dedicated database to aid with system performance (truncate utilities provided).
  • Auditing is configured on a per field, per table, per company basis (filters available to support conditional auditing).
  • The solution supports configuration for both passive and interactive auditing. It includes features to support eSignature within Dynamics GP and allows for entry of a reason at the time of a change.

All of these tools offer their own benefits and drawbacks.  When correctly applied all can augment your Dynamics GP solution reduce time identifying who, when and why a specific change was made.  Some questions that should be answered to narrow down the correct solution for your organization are:

  • What type of information needs to be audited?
  • Should the system prevent a user from making an unapproved change?
  • Who will be reviewing the changes made?
  • How many reviewers are there?
  • Do the reviewers have access to Dynamics GP or is there a need to review changes externally?
  • Are there any other compliance requirements that the organization needs to address in addition to system auditing?

Need assistance analyzing the requirements essential to your organization? Lean on us to help you determine the right tool for you by reaching out.