authorizationbox:5monitoring:1setup_monitoring

  

Setup Authorization Monitoring

Authorizations are set up to a concept whereby employees / organization roles are responsible for certain data in Business Central. In addition, the authorizations ensure the segregation of duties in the organization. Default Business Central has no functionality to analyze the quality of the authorizations. This means organizations have no instrument to control their setup.Using the Monitoring module you can evaluate the quality of the permissions assigned by asking questions, defined as Critical Permissions. Critical Permissions might be grouped in processes for ease of analysis. Furthermore, accepted risks might be excluded from analysis. Lastly, Conflicts are defined as a combination of Critical Permissions to be avoided for segregation of duties.

Processes

For documentation and processing purposes of the Critical Permissions you can define Processes and Categories. Open in the menu Monitoring, Settings, Processes and click on the New button to create a new Process:

  • Name: short name for the Process
  • Description: more detailed description on the Process

Click Save & Close to save the Process.

Categories

With Categories it is possible to make a subdivision in the Critical Permissions.

Go to Monitoring, Settings, Categories and click on the New button to create a new Category:

  • Name: short name for the Category
  • Description: more detailed description on the Category

Click Save & Close to save the Category.

Excluded Permission Sets

If the Organization formally accepts risks, these might be excluded from analysis. The permission set SUPER is an example which always results in a risk, because users with this role can modify all data in the system. If this role is included in the analysis, every analyzed permission would result in an actual risk, which leads to a complex analysis. For this reason you can exclude permission sets from analysis. Furthermore, you can include any excluded role in the analysis by selecting the option Analysis with excluded permission sets on the Critical Permission. Setup for excluded roles can be found in the menu Monitoring, Settings, Excluded Permission Sets. Click on the New button to create a new Excluded Permission Set.

  • authorizationbox/5monitoring/1setup_monitoring.txt
  • Last modified: 2020/08/20 16:46
  • by luukvm