NetSuite Master Data and Financial Controls

Monitor and protect the data that's most important to your business — and your auditors

Configuration changes are not the only important changes to your NetSuite account. Changes to master data can significantly affect financial integrity. Similarly, not all risk can be managed through roles and permissions alone. To manage these exceptions effectively, you need a solid system of detective controls.

Some companies use saved search alerts as detective controls, but have difficulty proving that alerts were sent or acted upon. In addition, system notes searches can be difficult to run over a significant time frame. The result is that even with robust processes, staff are often overwhelmed, resources are tied up and auditors are left unsatisfied at audit time.

Canva Design DAEeMBN7lyk
Canva Design DAEeMLhF6q0-1

How Strongpoint Helps

With Strongpoint’s master data and financial controls, you can move from static monitoring to active response — and create an auditable trail that will make compliance easier. Strongpoint converts saved searches into powerful detective controls that route violations to the proper authority for review and clearance, and collects it all in a separate, auditable GRC system. 

Enhanced features enable cross-matching between searches to reduce false positives. Automated processing allows for searches to be run more efficiently and reliably.  Best of all, all of the control incidents can be consolidated into a single list for easy review.

Agent Controls at-a-Glance

Not everything can be managed with NetSuite's roles and permissions. Strongpoint Agent is our advanced module for monitoring master data and financial controls.

It's built on saved searches, so it's easy to use and, best of all, it's entirely contained within NetSuite, giving you an audit-ready record of all violations and the steps you took to resolve them. 

Here's Strongpoint's Amy Carlson with a two-minute explainer.

Monitoring Transactional Behavior

The Administrator role in NetSuite is highly sensitive. Ideally, an Admin's broad powers should be used to maintain the system — they shouldn't handle transaction activity at all. 

However, Admins can and do make transactional changes. Since it isn't possible to prevent them outright, the best thing you can do to prevent fraud and maintain compliance is to put in place detective controls that monitor them. 

Normally the process for doing this involves running saved searches on system notes. But this can produce tens of thousands of results that make analysis effectively impossible. 

Strongpoint Agent allows you to cross match the results of a system notes search with the results of an employee record search. In other words,  you can greatly narrow down your results by eliminating everything that wasn't created or edited by a user with Admin (or similar) privileges. 

check-1

Gain additional visibility to risky changes and events

check-1

Log violations and get alerts when things change

check-1

Filter out 'execute as admin' false positives

Case Study: Managing 'Execute as Admin' False Positives

Why is Agent's cross match feature necessary for protecting financial data? In NetSuite, scripts and workflows have the ability to execute as an Administrator. So what looks in system notes like Admin behavior is actually a harmless automation. 

For auditors, however, unless you can prove otherwise, it's a huge red flag and potential control violation. By running a cross match search in Strongpoint Agent, you can avoid hours of work and prove to auditors that you're focusing your efforts on actual violations.

Watch a one-minute explainer or head over to the blog for a detailed tutorial.

Focusing on Critical Objects

Strongpoint automatically monitors transactional behavior — changes to accounting lists, bills of materials, revenue recognition templates and other financial objects.

It continuously checks every change across a list of customizable rules to flag non-compliant issues for review. Then, it gives you a set of tools for resolving those violations, and logs everything in an unchangeable, audit-ready record. 

It’s all done using NetSuite’s saved searches, so it’s easy to learn, too.

check-1

Create extra protection for your business-critical data

check-1

Automatically route control incidents to the correct authority

check-1

Track changes in audit-ready, immutable reports

Financial Controls in Action

Here's Strongpoint's Amy Carlson again with a short demo showing how Agent tracks transactions created a typical control incident — in this case, transactions created or edited by an Admin — in an immutable change log. 

Three Report Audit Prep

With Agent up and running in your NetSuite account, demonstrating tight controls over financial data is as easy as printing out three reports:

Everything that violated policy but was cleared in advance.

preapproved incidents

Every outstanding control violation, collected for review and clearance in one consolidated report. This is, effectively, a checklist of everything you'll need to take care of before audit — many busy NetSuite teams hold regular meetings to review and clear items on this list.

UNRESOLVED

Every control incident that violated policy but was cleared afterwards. This is where auditors will see the steps you've taken to resolve violations — including the person who approved the resolution and the reasons why they did.

resolved

Watch the Webinar

"SOX-Compliant Financial Exception Reporting"

 

webinar white
Canva Design DAEeMjkmkyQ-1

Auditors love Strongpoint Agent 

because it shows them, at a glance, all the changes that followed policy, all the control incidents that were resolved, and anything that’s still outstanding. 

Canva Design DAEeMjkmkyQ-1

Systems leadership love Strongpoint Agent 

because gives them the confidence of knowing they’re always running a fully compliant, secure system. 

Canva Design DAEeMjkmkyQ-1

Admins love Strongpoint Agent 

because it's easy to work with and eliminates up to 90% of the work around audit prep, so they can focus on more important things. 

Free Risk Assessment

Get in touch to book a meeting with our team

We'll help you identify potential control deficiencies and put together a plan for mitigating them — before your next audit. 

 

audit abm 1@2x
Untitled design (2)

Next Step: See Strongpoint in Action

Check out our Customer Stories and Webinars pages for demos, case studies and other useful, real-world examples of how Strongpoint helps companies just like yours!