NetSuite Master Data and Financial Controls
Monitor and protect the data that's most important to your business — and your auditors
Configuration changes are not the only important changes to your NetSuite account. Changes to master data can significantly affect financial integrity. Similarly, not all risk can be managed through roles and permissions alone. To manage these exceptions effectively, you need a solid system of detective controls.
Some companies use saved search alerts as detective controls, but have difficulty proving that alerts were sent or acted upon. In addition, system notes searches can be difficult to run over a significant time frame. The result is that even with robust processes, staff are often overwhelmed, resources are tied up and auditors are left unsatisfied at audit time.
How Strongpoint Helps
With Strongpoint’s master data and financial controls, you can move from static monitoring to active response — and create an auditable trail that will make compliance easier. Strongpoint converts saved searches into powerful detective controls that route violations to the proper authority for review and clearance, and collects it all in a separate, auditable GRC system.
Enhanced features enable cross-matching between searches to reduce false positives. Automated processing allows for searches to be run more efficiently and reliably. Best of all, all of the control incidents can be consolidated into a single list for easy review.
Agent Controls at-a-Glance
Not everything can be managed with NetSuite's roles and permissions. Strongpoint Agent is our advanced module for monitoring master data and financial controls.
It's built on saved searches, so it's easy to use and, best of all, it's entirely contained within NetSuite, giving you an audit-ready record of all violations and the steps you took to resolve them.
Here's Strongpoint's Amy Carlson with a two-minute explainer.
Monitoring Transactional Behavior
The Administrator role in NetSuite is highly sensitive. Ideally, an Admin's broad powers should be used to maintain the system — they shouldn't handle transaction activity at all.
However, Admins can and do make transactional changes. Since it isn't possible to prevent them outright, the best thing you can do to prevent fraud and maintain compliance is to put in place detective controls that monitor them.
Normally the process for doing this involves running saved searches on system notes. But this can produce tens of thousands of results that make analysis effectively impossible.
Strongpoint Agent allows you to cross match the results of a system notes search with the results of an employee record search. In other words, you can greatly narrow down your results by eliminating everything that wasn't created or edited by a user with Admin (or similar) privileges.
Gain additional visibility to risky changes and events
Log violations and get alerts when things change
Filter out 'execute as admin' false positives
Case Study: Managing 'Execute as Admin' False Positives
Why is Agent's cross match feature necessary for protecting financial data? In NetSuite, scripts and workflows have the ability to execute as an Administrator. So what looks in system notes like Admin behavior is actually a harmless automation.
For auditors, however, unless you can prove otherwise, it's a huge red flag and potential control violation. By running a cross match search in Strongpoint Agent, you can avoid hours of work and prove to auditors that you're focusing your efforts on actual violations.
Watch a one-minute explainer or head over to the blog for a detailed tutorial.
Focusing on Critical Objects
Strongpoint automatically monitors transactional behavior — changes to accounting lists, bills of materials, revenue recognition templates and other financial objects.
It continuously checks every change across a list of customizable rules to flag non-compliant issues for review. Then, it gives you a set of tools for resolving those violations, and logs everything in an unchangeable, audit-ready record.
It’s all done using NetSuite’s saved searches, so it’s easy to learn, too.
Create extra protection for your business-critical data
Automatically route control incidents to the correct authority
Track changes in audit-ready, immutable reports
Financial Controls in Action
Here's Strongpoint's Amy Carlson again with a short demo showing how Agent tracks transactions created a typical control incident — in this case, transactions created or edited by an Admin — in an immutable change log.
Three Report Audit Prep
With Agent up and running in your NetSuite account, demonstrating tight controls over financial data is as easy as printing out three reports:
Everything that violated policy but was cleared in advance.
Every outstanding control violation, collected for review and clearance in one consolidated report. This is, effectively, a checklist of everything you'll need to take care of before audit — many busy NetSuite teams hold regular meetings to review and clear items on this list.
Every control incident that violated policy but was cleared afterwards. This is where auditors will see the steps you've taken to resolve violations — including the person who approved the resolution and the reasons why they did.
Watch the Webinar
"SOX-Compliant Financial Exception Reporting"
Auditors love Strongpoint Agent
because it shows them, at a glance, all the changes that followed policy, all the control incidents that were resolved, and anything that’s still outstanding.
Systems leadership love Strongpoint Agent
because gives them the confidence of knowing they’re always running a fully compliant, secure system.
Admins love Strongpoint Agent
because it's easy to work with and eliminates up to 90% of the work around audit prep, so they can focus on more important things.
Free Risk Assessment
Get in touch to book a meeting with our team
We'll help you identify potential control deficiencies and put together a plan for mitigating them — before your next audit.