Recent SuiteApp Reviews
Step 1: Automated Documentation of Customizations and Dependencies
NetSuite accounts can have tens of thousands of customizations; these customizations can be interconnected in as many as a hundred thousand different ways. To determine the risk level of a change, you need to understand these interconnections. For example, changing a saved search on its own is relatively low risk. However, if that saved search is used in a script, it could break that script or, even worse, change what gets processed by it.
Documenting and tracking this is so time-consuming that nobody does it properly. One of our clients hired a team of consultants to document their account, hoping to reduce errors and speed up decisions. After six months, they gave up — the consultants produced a mammoth spreadsheet that was only partially complete and, on average, three months out of date. Fortunately, they were referred to us by a partner and have now had accurate, up-to-date documentation for over five years.
How It Works
It is impossible to manually document the level of detail in a typical NetSuite account. It is even harder to keep that documentation updated — and if it isn't updated, it's useless. Even if you could produce accurate manual documentation, trying to work through tens of thousands of lines at audit time would be unbelievably stressful and time-consuming.
Strongpoint does this automatically. We’ll help your team kick off our scanners and all of the work will be done in only a couple days — without impacting the performance of your system or the productivity of your team. And after the initial scan, Strongpoint will automatically keep your documentation up to date, so it is always reliable.
Step 3: Automatic Impact Analysis and Risk Assessment
We designed Strongpoint to help teams get more done — quickly and safely. Massively simplifying compliance and auditing is the outcome of a great process, not a goal that can be achieved by itself. And the key to an efficient but tight process is automating risk assessment and impact analysis.
Without Strongpoint, impact analysis is difficult, and requires extensive personal knowledge of the system. Without the right information, it isn't possible for someone managing NetSuite to tell if a change to a saved search is:
- Safe (ie, not connected to any automation)
- Risky from an IT perspective (ie, used in a script or workflow that, if changed, could break the script or affect data integrity)
- Risky from a Finance perspective (ie, used in a sensitive process such as SOX compliance)
One of our customers had a tight change process based on JIRA. It worked and they passed audit, but it was a time-consuming and, despite the best efforts of their team, they were still making mistakes.
NetSuite recommended that they look at Strongpoint. We set them up with a new process that was much more efficient — but in ways they hadn’t expected. Instant impact analysis saved their Admins and BAs a lot of time — but approvals were actually slower, because management started asking better questions. And that’s where the real savings kicked in: mistakes and rework were dramatically reduced, and management had more confidence in the process.
How It Works
Strongpoint impact analysis is driven by NetSuite best practices and combines detailed dependency information with practical explanations of risk. Whether you are working in JIRA/ServiceNow or in Strongpoint directly, you can quickly set up change policies that guide your team to follow the right process for your company. This ensures that the change process is both efficient and effective.
Step 5: Reporting, Review and Resolution of Non-Compliant Changes
Nobody’s perfect and your auditors don’t expect perfection. Rather, they are looking for consistent oversight on all critical changes. In other words, they expect you to have a policy and to follow it.
NetSuite consultant RSM asked us to assist with a customer who had a catastrophic audit despite laboriously documenting the changes in their system. This customer's global CFO had determined leave NetSuite if they couldn’t resolve these issues. The customer implemented Strongpoint and began to receive a weekly report of non-compliant (ie, unapproved) changes. This accountability not only tightened their processes but also enabled them to be ready for audit at any time. They passed the next audit with flying colors and were held up as a global example of how to run compliance efficiently.
How It Works
Once automated and continuous audit is in place, Strongpoint alerts Administrators and Managers when a high risk change occurs without the proper approvals. This is critical information — and this automation ensures that people do not have to sift through hundreds of changes to identify the important or risky ones. In addition, it ensures that every critical change is reviewed and approved.
Strongpoint continuously audits your changes so you know you will pass audit in each of the areas we cover. Any critical change not approved in advance is flagged for review. Non-critical changes are automatically cleared. The result is up to a 90% reduction in audit preparation time, and significant reductions in audit costs for many customers.
Step 7: Master Data and Financial Controls
Configuration changes are not the only important changes to your NetSuite account. Changes to master data can significantly affect financial integrity. Similarly, not all transactional behaviour can be managed through roles and permissions alone. There may not be enough staff in a team or given subsidiary to divide up job responsibilities into separate roles. To manage these risks, you need a solid system of detective controls.
One of our customers had a robust process for approving journal entries and other financial changes, but struggled to prove to auditors that their controls were effective. Using Strongpoint, they were able to set up automated controls and consolidate the results into a single list of conflicts for regular review and clearance.
Some companies use saved search alerts as detective controls, but have difficulty proving that alerts were sent or acted upon. In addition, system notes searches can be difficult to run over a significant time frame. Our customer also had difficulty cross-matching data from different searches, and found the export and review process needlessly time-consuming.
How It Works
Strongpoint converts saved searches into powerful detective controls that automatically log violations directly in NetSuite. Enhanced features enable cross-matching between searches to reduce false positives. Automated processing allows for searches to be run more efficiently and reliably. Best of all, all of the control incidents can be consolidated into a single list for easy review.