Compliance requirements for ERP systems are on the rise — and given the customizability of NetSuite, if you're at a public or heavily regulated company, you can easily spend hours preparing your account for audit. We’ve heard first-hand that many public and pre-IPO companies are being asked to prove that their change processes are compliant — and luckily, with Strongpoint’s tools, proving this can be as simple as generating a few custom reports.
Your auditors want to see that you have visibility into every record-based change and financial transaction in your account, and fortunately, our tools can get you here without significantly changing the way you work. In this post, you’ll find five top NetSuite reports by Strongpoint that not only will make your auditors happy, but will help to eliminate up to 90% of the work around SOX compliance.
Why you’ll love this resource:
We designed Strongpoint's compliance tools to help you meet some of the toughest and more unique audit requirements posed by your ERP system. Out of the box, our tools come with custom reports based on our years of experience working with auditors and helping customers through the audit process. Once your auditors are familiar with how the system works and what these reports show, the audit process becomes very simple and straightforward. Here's a closer look.
1. Compliant Changes
Strongpoint’s rule-based change management system automatically checks each proposed change for risk and, if necessary, elevates it to the proper authority based on policies you've set up. Safe changes are automatically pre-cleared — and an impact assessment is logged to prove it to auditors — while more complex changes are flagged as either compliant or non-compliant. This report shows you a detailed view of every change in your system that followed your established approval policies.
2. Open Non-Compliant Changes
This report shows, at a glance, every material change in the system that didn’t follow the established approval policies. This report instantly shows managers what changed, when it was changed, what the required level of change control was, and what was affected. Once a non-compliant change has been resolved, a user can update the “Resolution Description” box so others can see how the change has been resolved. From here, the change will be removed from the Open Non-Compliant Change report and put into our Resolved Non-Compliant Change report (which you'll learn more about below).
3. Resolved Non-Compliant Changes
This report is exactly what you think — a record of all of your non-compliant changes that have since been resolved. As we love to say, your auditor is more concerned with the changes that didn't follow policy than those that did. With this report, you’ll be able to show your auditor that you're aware of everything that slipped through the cracks. Even better, this report documents the steps you took to resolve the issue, creating an immutable record of who reviewed it, when it was reviewed, and what action was taken in response.
4. Policy Changes
This report shows you changes to the "Level of Change Management Required" box. Typically, when you install Strongpoint, you'll work with our team to establish review and approval policies for different types of changes (modifying a script vs. modifying a search, for example). This report shows you when these policies are modified — making it impossible for someone from circumvent the system by retroactively changing an approval policy after pushing a change live. Auditors love this because it adds an additional layer of security to the changes that happen in your system.
5. Managed Bundle Updates
From an audit perspective, nothing is worse than a change that can't be accounted for. But even if you have the most airtight system for tracking development activity and hotfixes, you may still have managed bundles pushing out changes that you're not aware of — some of which could have downstream impacts on key business processes. Unless you have Strongpoint, these changes are not typically captured by change logs. You can find our "Managed Bundle Updates" report under the Change Management tab — and can easily show this to your auditor to prove that you know who is changing your system, and why.
Want to learn more?
Interested in seeing firsthand how these reports can take your audit prep to the next level? Get in touch with us today to arrange a demo and learn how our audit-focused tools will transform your compliance journey.
Alternately, head to our SOX Compliance for NetSuite page to learn how our tools have helped other companies just like you!