Authorization Box

Authorization Box is a web-based application in which you can manage and control authorizations. It is linked directly to Dynamics NAV databases, so any changes are directly effective if desired, both in Authorization Box and in Business Central. Before using the Authorization Box, it is required to follow the Installation steps and the setup to configure.

Authorization Box consists the following modules:

The Monitoring module provides insights into Critical Permissions and the implemented Segregation of Duties (SoD). The analysis helps you to find incorrect permissions in Permission Sets, Organization Roles and User accounts. Furthermore, the module analyzes for conflicts in assignation of authorizations.

According to SOx regulations, top management must be ‘in control’ and has to provide insight into the effectiveness of the SoD as part of the application controls. SoD Monitoring is an audit tool that helps management to remain ‘in control’.

The Authorization Framework provides various sections to create and manage the Authorization Framework, this consists an Organization Chart, where you create Departments and Organization Roles. Organization Roles, where you manage the Organization Roles. Manage Permission Sets or create Permission Set Groups which are linked to Organization Roles. These Organization Roles are assigned to users through Authorization Requests.

Any change in the authorization design is directly (or per start date / end date) synchronized to Business Central or will be synchronized after approval of the request. Creating and modifying the organization structure can be done through the Authorization Box interface and in Excel.

User Management in Authorization Box provides a workflow for Authorization Requests with optional approval. This enables assignment of responsibility for creating new accounts to officers who are responsible, instead of application management or the IT-department. It is possible to create an Authorization Request for users to assign an Organization role. Also it is possible to link this to a Company or Company Group. In case of resignation or change of function you can revoke the Organization Roles directly or by an end date.

  • authorizationbox/overview.txt
  • Last modified: 2021/01/20 09:52
  • by luukvm