[In this series, we’re looking at quick fixes to improve GP security. ]
We’ve looked at separating master records like vendors and customers from related transactions. Those are easy ways to improve security. The same advice applies to items.
It’s important to ensure that users with access to manage items, don’t also have transaction access to inventory, purchasing, sales. A user with access to items and sales transactions could artificially lower an item price and then process a transaction at the reduced price. Access to items and inventory transactions could allow inventory manipulation in the financial statements including the creation and write-on of non-existent inventory. Finally, a user with item and P.O. access could manipulate the accounts assigned to an item and flow that manipulation through the purchasing process.
It’s not unusual to find warehouse managers with access to manage items and make inventory adjustments. Resist the urge to allow that. There are simply too many ways to commit fraud or manipulate the financial statements with access to items and item transactions.
Object: Item Maintenance
Role IDs: Operations Manager, Poweruser, Purchasing Agent, Purchasing Manager
Note that all four of these roles provide access to item maintenance, purchase orders, item transactions and sales transactions. In other words, they are full of item related conflicts. It’s going to be important to split up these roles to properly segregate access.
You can find all of the fixes in this series at GP Easy Security Fixes.