Avoiding False Positives When Monitoring Administrator Behavior

In NetSuite, the Administrator role gives users broad transactional powers — and with that comes the potential for fraud. In an ideal world, no one user would be able to create, edit and delete any and all transactions in a production account. 

Of course, as we all know, the real world is messy. Transactional changes by admins are sometimes necessary. However, detecting these changes is more difficult than you might expect. As a result, even if you trust your team completely, audit readiness can be a challenge.

Regularly monitoring and reviewing all transactional changes made by users with admin privileges is a key part of prepping for SOX compliance — not to mention a best practice for staying safe.

The Problem With System Notes

As Strongpoint CEO Mark Walker points out in the video below, it’s entirely possible to monitor transactional activity using NetSuite’s system notes. The problem? False positives. And lots of ‘em. 

As you’ll see, system notes have limited filtering capabilities. And they don’t always accurately differentiate between changes made by Admin Scripts and changes made by users through the UI. Which means that a lot of the results they generate aren’t actually changes that need review.  In order to get accurate reporting, you need to compare a list of system notes flagged as being made in the Administrator role with a list of Administrators.

That’s where Strongpoint comes in. Our Agent Control module automatically searches system notes for transactional behavior, and crossmatches the results against the Employee Record to find all changes made by users with admin or related privileges. This effectively filters out false positives, so you — and your auditors — can focus on what’s most important. It also ensures that your report is always up to date to include any new Administrators.

Watch the video for a demo:

More Tools for SOX

Of course, monitoring admin activity is just one small part of SOX compliance in NetSuite. Keep watching this blog for additional videos and other useful content. You can also download our ebook on user roles and permissions to learn more.

Is your company publicly traded, or on its way there? We’ve helped hundreds of organizations — including the largest tech IPO in the last ten years — get ready for SOX audits faster. Reach out to learn how we can help you:

Learn More