Discover our industry leading expertise
As the market-leading provider of security, audit & compliance software for JDE, we have a team of experts who just love to share their knowledge with the community and our customers. Whether you’re a CNC, security analyst, senior IT manager, internal auditor or CFO, you can access the insights and knowledge that are right for you!
- Access management is the process of identifying, tracking, controlling and managing authorized or specified user's access to a system, application or any IT instance.
- June 20, 2018Eric Hendricks, IS Technician from Sumitomo Metal Mining POGO talks about how well-designed security controls can ensure the continuing success of an ERP system.
What is SOX UK?
In 2021, the UK government issued recommendations on strengthening internal financial controls and improving the quality of corporate reporting and governance. One focus in particular is around the introduction of a “UK Version of Sarbanes Oxley”! SOX in the USA places responsibility for a company’s financial statements and internal controls clearly with the CEO and the CFO. These officers must certify (inter alia) for each annual and quarterly report that they have reviewed the report, acknowledge their responsibility for establishing and maintaining internal controls and that they have evaluated the effectiveness of the internal controls within 90 days prior to each the report.
In May 2022, a further development in the drive towards reforms of corporate governance and audit was published. This continued to highlight the need for an effective internal control framework and C-level accountability. In addition, the prevention and detection of fraud would also be the responsibility of directors. Moreover, new provisions for managing cyber threats, data protection breaches and digital security risks would be required in reporting as part of the overall Enterprise Risk Management framework.
How should you prepare JD Edwards for stronger controls?
Although SOX UK is still expected to come into play at the end of next year, it can take years for an organization to implement the processes and controls required to meet future assurance needs. Are you adequately prepared to identify and prevent an inaccurate or criminal transaction from taking place within your organization? In JD Edwards, primary risks include fraud, employee error, and compliance violations. For example, does an individual have system access that permits them to execute transactions without checks and balances? An example of such risks is when one individual can create a supplier, issue an invoice, and issue a payment freely without any internal controls.
So, what can you start doing today? The Short Answer: Implement a Best Practice Compliance Model!
Your roadmap to managing risk effectively in JDE
Whether your requirements are driven by external regulation (SOX UK etc.) or internal business strategy, like improving accountability, standardising processes and better controls ownership – there are steps you can take to support these objectives. These include controls focusing on Segregation of Duties(SOD), User Access Reviews (UARs), Change Management (CM), Data Protection, and other Audit Readiness procedures. You can find out more about each control element below:
- Compliance 101: Segregation of Duties
- Compliance 101: User Access Reviews
- Compliance 101: Change Control
- Resolving Challenges with Security Audit Reports
While the increased regulation and the complexity of JDE security can make achieving compliance, effective risk management and a clean audit seem impossible, with targeted steps and the right tools, it can truly become just one more part of your business. Talk to our experts today!