Logo
programming4us
programming4us
programming4us
programming4us
Windows XP
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone
 
 
Windows Server

Securing Dynamics NAV Applications : Sarbanes Oxley compliance

7/15/2011 6:14:29 PM

The Sarbanes Oxley compliance or SOX compliance has been a huge concern for corporations across North America over the last few years.

Security, backups, and authorization

Dynamics NAV provides an extensive range of tools to work with security. In addition, Dynamics NAV also provides an integrated security structure with Windows Authentication and the SQL Server security model. The Dynamics NAV backup feature provides the ability to back up the database from within the application. Regular backups could also be scheduled to ensure effective database recovery procedures are in place.

Access control and audit trail

In addition to that, a user is restricted by Dynamics NAV roles and permissions to the level where the user is able to perform his daily activities on the system. This is further cemented with the new Role Centers in Dynamics NAV RoleTailored Clients.

In the SQL Server option for Dynamics NAV, it is possible to provide record-level security, which ensures that specific users view only specific areas of the application.

The User ID of the user performing a transaction in Dynamics NAV is tagged at every stage, including data entry in the documents and journals. The User ID can also be found in the ledger entries and on posted documents, thus enabling a smooth trail of transactions supported by dates and times.

Shown next is a screenshot of the G/L Entries, showing User ID and Source Code to identify the source of transactions:

Change Log

A Change Log feature in Dynamics NAV, if set up, provides a log of all the changes made to the data, including insert, modify, or delete.

To set up the Change Log in Dynamics NAV, let's follow the next steps:

  1. 1. From the Administration menu in Dynamics NAV, scroll to the Application Setup and then expand further to General and open the Change Log Setup screen as shown next:

  1. 2. To start using the Change Log, check the Change Log Activated checkbox.

  2. 3. Click on the Setup menu button at the bottom of the screen and select Tables.

  3. 4. This opens a list of all Dynamics NAV application tables, with options to log insertions, deletion, or modification of those tables, as shown next:

  1. 5. For each table, that needs to be change logged, there is an option to select all fields in the table, or select a collection of some fields (by selecting some fields and clicking the Assist Edit button).

  2. 6. Once the setup has been done, the changes in the application tables start getting logged in the Change Log Entries screen as shown next:

Data validation and accuracy

The Dynamics NAV application provides several checks and balances at every step throughout the various stages of application including data entry and postings. Language-specific error messages and prompts assist users with the data accuracy and ensuring the correct information enters the application. There are checks to ensure the debits and credits match; field-level controls are established throughout the application to ensure the fields that are mandatory for the transaction are entered by the user before moving on.

Effective change management

Change management procedures are an essential part of maintaining a SOX-compliant application. A few aspects of change management to keep in mind while defining the organization's change management policy are as follows:

  • Every change must be driven by a business case or an issue raised by a business process owner. This must be documented.

  • The change done to the application must be tested in a separate test database before releasing the code to a live database.

  • The object files must be logged and so should be the objects changed to accomplish the change.

  • Proper versioning of objects ensures the previously defined measures are accomplished easily.

  • Appropriate approvals must be given to promote the object changes to the database and must be documented in the change management process.

There are several tools available across a wide range of partners to manage the code promoted to the database and report on it.
Other -----------------
- Securing Dynamics NAV Applications : Roles and permissions
- Microsoft Dynamics CRM 2011 : Removing Members from a List by Using Advanced Find
- Microsoft Dynamics CRM 2011 : Adding Members to a List by Using Advanced Find
- Microsoft Dynamics AX 2009 : The MorphX Tools - Project Designer
- Microsoft Dynamics AX 2009 : The MorphX Tools - Application Object Tree
- SQL Server 2008 : Backing Up the System Databases & Backup History
- SQL Server 2008 : Managing Backups - Using Encryption
- SQL Server 2008 : Managing Backups - Backups from T-SQL
- BizTalk 2009 : Ready-to-Bake BizTalk Performance Plan (part 4)
- BizTalk 2009 : Ready-to-Bake BizTalk Performance Plan (part 3) - What to Keep in Mind When Tuning
 
 
Video tutorials
- How To Install Windows 8 On VMware Workstation 9

- How To Install Windows 8

- How To Install Windows Server 2012

- How To Disable Windows 8 Metro UI

- How To Change Account Picture In Windows 8

- How To Unlock Administrator Account in Windows 8

- How To Restart, Log Off And Shutdown Windows 8

- How To Login To Skype Using A Microsoft Account

- How To Enable Aero Glass Effect In Windows 8

- How To Disable Windows Update in Windows 8

- How To Disable Windows 8 Metro UI

- How To Add Widgets To Windows 8 Lock Screen
programming4us programming4us
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 windows Phone 7 windows Phone 8
programming4us programming4us
 
Popular keywords
HOW TO Swimlane in Visio Visio sort key Pen and Touch Creating groups in Windows Server Raid in Windows Server Exchange 2010 maintenance Exchange server mail enabled groups Debugging Tools Collaborating
programming4us programming4us
PS4 game trailer XBox One game trailer
WiiU game trailer 3ds game trailer
 
programming4us
Women
programming4us
Windows Vista
programming4us
Windows 7
programming4us
Windows Azure
programming4us
Windows Server
programming4us
Windows Phone