Home $ NetSuite $ 5 Ways You Can Manage the Auditors with NetSuite ERP system

5 Ways You Can Manage the Auditors with NetSuite ERP system

Jul 10, 2018 | NetSuite, Optimizations & Rescues

If dealing with an annual audit feels like inviting an unwanted relative to your Thanksgiving dinner, then these simple NetSuite practices will help you keep your auditors satisfied.

1) Segregation of Duties

It is not uncommon for consultants to assign Administrator roles to employees during the implementation and configuration of NetSuite ERP system. The Administrator access is a very powerful role that allows almost anything and everything within the NetSuite ERP system.

It is very important to remove Administrator access from users other than the system administrator such as the IT department and/or select few super-users within the organization. Having a large number of Administrators in the system may raise the alarm to the auditor. Here are some NetSuite ERP system practices you should follow when it comes to segregation of duties:

  • Assign Edit access rather than Full access to records. Edit access will allow a user to view, create and edit but not delete.
  • Create separate roles and assign multiple roles to a user even if they have to perform conflicting functions within the system. For example, if the warehouse purchases and receives inventory, create a “Buyer” role with access to create and edit Purchase Orders and a “Warehouse” role with view access to Purchase Orders and edit access to Receive Orders and Item Receipts.
  • Leverage NetSuite ERP system approval routing using standard configuration or advanced Suiteflow to manage and segregate record entry versus approval.
  • Keep proper documentation of users and roles including why they need particular roles or permissions to perform their job duties.
  • If several users within the organization require an Administrator type access, consider assigning them a Full User role or create a custom role that has access to every record type in the system.

2) Preventive Controls

Preventive controls are designed to avoid errors or irregular activities within the system. Native NetSuite ERP system has a number of preferences that can serve as preventive controls, but also allow for varying degrees of customization that will keep your auditor satisfied. Here are some examples:

  • Review and select the correct Accounting Preferences (i.e. should a user be allowed to post outside of the current period)
  • Make important fields mandatory when possible when designing entry forms for users so they will not be forgotten
  • Customize NetSuite ERP system to validate data quality using Suiteflow or Suitescripts such as returning a pop-up window or automating calculated fields.

3) Compensating Controls

Where preventive controls are not possible or feasible, compensating controls can be implemented to catch exceptions. Saved searches can be a powerful tool to trigger alerts when exceptions occur and configured to instantly send out notifications via email. In addition, email notifications can be scheduled to be sent periodically with a list of records matching criteria for review purposes. Here are some examples:

  • A saved search email notification being sent to the Accounting Manager when the department is blank on a Journal Entry
  • A saved search email notification being sent out at the end of the week summarizing a list of invoices created and approved

4) System Notes

NetSuite ERP system maintains system notes to track any changes made to a record, System Notes cannot be modified in any shape or form and can be pulled into a saved search for the auditors. System Notes keep track of the following:

  • Date of the change
  • User who made the change
  • Role of the user who made the change
  • Type of change
  • Old and new value

In addition, NetSuite ERP system also has Transaction Audit Trail that can track the creation, modification, and deletion of transaction records as well as Login Audit Trail that can track when users log into the system and what role they used. It is important to review system notes and audit trail regularly as part of internal controls.

5) Sandbox Account

A NetSuite sandbox is a test environment that can be purchased in which customization and system changes can be done without worrying about affecting your production account. Sandbox accounts can be refreshed the same configuration, data, and customization as your production account. Configuration in sandbox can be bundled and pushed to your production account. This will satisfy the common concerns from auditors regarding system changes. The following are examples of activities best executed first in sandbox:

  • Testing customization elements before deployment
  • Fixing issues with existing customization.
  • Trying out third-party integration features.
  • Training employees

Bottom Line

As you see, NetSuite ERP system comes equipped with a lot of controls that administrators can leverage to keep the auditors satisfied.  Some of these controls require additional NetSuite configuration and customization.  Therefore, its best to engage a NetSuite partner to help design proper and adequate controls.

As a 100% NetSuite consultancy, at Trajectory we work with a number of clients who need help during and following their NetSuite ERP system implementations. We help with optimizations, system re-evaluations, new module additions, and even re-implementations.

Trajectory Group

YOUR JOURNEY STARTS HERE

Take control of your company’s path to success.
Set new goals, keep moving.

Blog

INSIGHTS

#

Recent

$

Older

$

Older

NetSuite OneWorld: An Admin Guide

NetSuite OneWorld: An Admin Guide

Operating an international business is a substantial challenge. To encourage customer growth, NetSuite introduced OneWorld, an addition to the cloud-based ERP system.

read more
NetSuite Manufacturing Module

NetSuite Manufacturing Module

The NetSuite Manufacturing module allows your team to have operations management, inventory control, work orders, and production planning in one easy-to-use system.

read more
Successful NetSuite Integration Guide

Successful NetSuite Integration Guide

NetSuite ERP is not a magical all-in-one IT replacement solution. Good News: developers at Oracle built flexible code to integrate with your existing business-critical apps to plug-in with ERP.

read more
7 Ways to Find NetSuite Support

7 Ways to Find NetSuite Support

Contacting NetSuite Support is one way to resolve problems or get answers to day-to-day questions. However, it’s not the only way to get help when you find yourself stuck.

read more
NetSuite Time Tracking Made Easy

NetSuite Time Tracking Made Easy

If time entries are billable to the customers, some organizations choose to have an approval process as an additional step, and as users, we prefer that this system to be as friendly as possible.

read more
Boring Meetings? Stop wasting your teams’ time

Boring Meetings? Stop wasting your teams’ time

You can only snooze so many times before starting your day later than you should – it’s now 6am and it’s gone time! First thing’s first, you grab your phone and look over your feeds; news, social media, and calendar.

read more
Big Bang vs Phased ERP Implementation Strategies!

Big Bang vs Phased ERP Implementation Strategies!

You have finally come across an article that explains the ins and outs of Big Bang vs. Phased ERP Implementation process. Chances are, you’re about to start a big software project, and aren’t quite sure of your implementation strategy.

read more