ReportsNow for QSoftware:
Quicker, easier analysis and reporting
Meaningful, actionable information to reduce risk and satisfy auditors
ReportsNow for Q Software (RN4QS) harnesses the advanced reporting facilities in ReportsNow to provide Q Software customers with interactive dashboards and reports that are very easy to navigate and use.
They make it much easier for both technical and business users to:
- Obtain meaningful information about their security
- Act on it efficiently to reduce risk
- Provide evidence requested by auditors.
What is ReportsNow for QSoftware?
Jointly developed by ReportsNow and Q Software, RN4QS provides predefined dashboards and reports to complement our on-premise solutions.
You can customize the reports to match your company-specific requirements, and RN4QS also includes a full ReportsNow Designer license which enables you to create new reports on any JDE or QSoftware data.
The reports enable you to filter the results as required and drill down to investigate items of interest. Where business users need to review reports and decide what action to take, we’ve included meaningful descriptions to make it easy for them to understand what they’re reading.
Benefits
- Keep abreast of critical risks, urgent issues and significant trends
- Reduce risk – uncover hidden problems and find out what is causing them
- Slice and dice results for easier analysis, prioritization and remediation
- Easier delegation / dissemination - customize reports to add in extra columns for organization-specific segmentation
- Provide business users with information they can understand and act on
- Easily provide external auditors with the evidence they request
- Quickly create interactive reports and dashboards on any JDE or QSoftware data
Current reports include:
Reports:
- Segregation of Duties Rules: Summary and Details
- Segregation of Duties Violations: Summary and Details
- Mitigations
Uses:
These reports make it easy to:
- Review your SoD model
- Analyze SoD violations and investigate the cause
- Create a prioritized remediation plan and break the workload down into manageable chunks
- Assess effectiveness of remediation work and show evidence of progress
- Review mitigated users
- Provide evidence for your auditors.
Fewer audit runs – save processing time:
ReportsNow’s powerful filtering capabilities mean that you can run one audit across all data, then slice and dice the results in any way you like to focus on specific areas, rather than having to run separate analyses on specified subsets.
Dashboard:
The Audit Manager Dashboard provides a summary of information for managers. It:
- Shows trends, e.g. whether violations are increasing or decreasing over time
- Draws attention to urgent risks, such as high-risk violations.
Report: Role Request Status
Uses:
Managers can use this report to quickly and easily:
- Find information about the status of outstanding requests
- Ensure that requests are being completed timely.
Staff involved in external audits can use this report to provide auditors with the evidence they request to test user provisioning controls.
Report: Role Request Inquiry
Uses:
Gives managers or auditors an easy way to inquire about users’ total profiles – i.e. all the roles that are assigned to them.
Dashboard:
The User Administration Dashboard:
- Provides managers with overview information on the status of requests and pending approvals so they can identify and resolve any bottlenecks
- Draws attention to exceptional requests (such as role requests for terminated users) that could lead to an audit finding, so they can be resolved ahead of an audit.
Reports:
- Approver Matrix
Uses:
Enables users to easily provide auditors with evidence about approvers and how they can affect data on the access review, for example:
- Auditors will seek assurance that approvers cannot approve/recertify their own access
- Approvers should not be able to change the status of the review back from Approved to Pending.
Reports:
- User Profile Review Report
- Security Workbench Review Report.
Uses:
These review reports make it easier to:
- See the status of the review and ensure it is completed timely
- Act on decisions made in the review
- Provide evidence for auditors.
There are two different types of review:
- User Profile review – where managers review and approve or reject the roles for their staff
- Security Workbench review – where managers review the access privileges within the roles to ensure they are still valid.
The reports for each provide information about the status of the review. They give managers much more flexibility to review the data in different ways and help them to:
- Keep track of outstanding items
- View details on outstanding items to answer any questions that come up
- Provide evidence that the review was done and show what was approved / rejected and when
- Print a list of rejections and feed that into their security change/user provisioning process to get the changes made
- Create a review report (csv or pdf) for audit evidence when the review is completed
- Users can choose which columns they want to include as audit evidence
- If exported to csv, users can filter the data to provide specific audit evidence as requested.
This solution allows customers to track changes to critical or sensitive data, which could indicate unauthorized or fraudulent activity. Users can set up alerts, which notify relevant users about significant changes to that they can be investigated promptly.
Report: Summary of Audited Data
Provides users with a summary of tracked changes for a specific time period, without needing access to JDE or Fraud Detector.
Report: Alert Management Status
Provides a list of alerts and shows who is responsible for them, the alert status and comments, without needing access to JDE or Fraud Detector.
Uses:
- Managers can monitor the status of alerts and check if they are being reviewed promptly
- Internal audit can use the report to provide audit evidence on how the exceptions were handled.
Dashboard:
The Alert Management Dashboard
- Provides business managers, particularly in Finance, with overview information on the status of alerts so they can ensure they are being investigated promptly, and chase staff as appropriate
- Draws attention to high severity alerts and provides information about the changes that triggered them
- Enables internal audit to keep a watchful eye on events.
Reports:
- Security Model: Functions and Components
These interactive reports make it quick and easy for users to see what access is granted by the Functions and Components in the security model.
Uses:
- Security administrators can use these reports to provide information on the security model to users who don’t have access to Security Manager Pro, e.g. business support staff, business managers and audit.
- They can also reduce the time needed to make security changes. Security administrators can export data to Excel, modify the security there, then copy / paste the changes into the Q Software grids.