Dynamics 365 Segregation of Duties 101

How does your business control the segregation of duties?  Do your auditors examine the system and notice a multitude of users having access to more functions than they probably should?  Has ownership been pestering you about Johnny in accounting with ability to create new vendors, then enter and approve vendor invoices as well as make payments on those invoices?  Well look no further, because Johnny won’t be able to go full throttle anymore once Segregation of duties rules are created and implemented.

In Dynamics365 for Finance and Supply Chain there is functionality that can check to see if there are violations of Segregation of duties rules.  These rules are set up at the client level by a system administrator.

First thing to do is navigate to the segregation of duties rules via System administration > Security > Segregation of duties > Segregation of duties rules.

Once there, create a new rule and name the rule appropriate to the concern. Next, select the first duty to check for the rule, and select a second duty that might be a conflict for the rule.  Set the Severity property (risk) to low, medium, or high. Finally, add a Security mitigation value (the action to take when a violation occurs).

dynamics 365 segregation of duties

Add as many rules for the business processes as needed to ensure the proper segregation of duties are maintained.

Once complete click on the Validate duties and roles at the top of the page and any violations will show.

segregation of duties rules

Once the rules are in place it is important to verify the compliance of the user-role assignments.  This will show a list of violations that can be allowed or denied.  To run this process proceed to System administration > Security > Segregation of duties > Verify compliance of user-role assignments and click OK to run the process.

After the compliance is run the user is able to approve or deny the violations.  Navigate to System administration > Security > Segregation of duties > Segregation of duties conflicts, at this point you are able to allow or deny the violations that have been identified.  For any override a reason will be required in order to proceed.

allow assignment parameters

System administrators can also remove users from specific roles that are causing the conflict.

system admin user roles

To see any unresolved conflicts, navigate to System administration > Security > Segregation of duties > Segregation of duties unresolved conflicts.

Whether internally or externally, the Segregation of duties within Dynamics 365 for Finance and Operations provides all users, management and auditors the peace of mind that no one user has enough access and authority to be able to wield too much power within the organization.  The system administrator can ensure all parties involved that the system can be as complex as needed to ensure proper Segregation of duties and the Company will be able to pass the audits with flying colors.

If you like this blog, please see the following blog regarding Voucher Templates vs Periodic Journals in D365, your accountants will enjoy the topic.

Voucher Templates vs Periodic Journals in Dynamics 365 | Ellipse Solutions

Or your Accounts Payable group may be interested in the following Pre-payments for Vendor blog.

Dynamics 365: Pre-payments for Vendors | Ellipse Solutions

  Setting up One-Time Suppliers in Dynamics 365