Data integrity and security is essential to providing the appropriate management information necessary to meet contractual commitments and internal best practices. For clients that utilize Costpoint as their nucleus set of applications, inherent to the application is the ability to generate the Security Audit Report. Identifying user application access permissions is often addressed at setup or during the hiring of a new employee however seldom visited as a part of overall best practices. Most audit firms periodically request a review of a client’s security and data integrity procedures and policies. This is even more prevalent where clients are contractually committed to implementing and demonstrating their compliance.
Several areas to look at include:
- Have we established group environments and allocated permissions based upon groups?
- Have we reviewed our password and access permissions at an individual level?
- Do we have a formal process to address both terminated and new employees?
- Is there an appropriate internal check and balance to review access permissions?
- Are our internal processes compliant with contractual commitments?
At Sand Solutions we have taken the output from Costpoint Security Audit and generated proprietary reports that are reviewed with our clients. Through the Sand Solution support team we are able to assist our clients with establishing a best practice philosophy that helps assure data integrity and contractual commitment.
For further information or a candid discussion relative to the Costpoint Security Audit, please contact Sand Solutions.