In my last blog post, I covered the importance of performing analysis within the system of record and how increased visibility can help unlock insights to better manage your multi-entity business. In this blog post I will focus on the importance of controls and user permissions in a growing business.
In my time as a financial auditor I had countless conversations with CFOs and controllers on the topic of financial controls. As you may have guessed, it was rarely a fun conversation. Larger clients with established internal audit and risk departments were akin to having these conversations and accepted it as a necessary evil. However smaller, fast growing, companies where often resistant to clearly defining roles and restricting user access. I am going to try to avoid putting on my auditor hat here and argue that financial controls can make perfect business sense for a fast growing business, not only because they might be required from an audit perspective.
One overarching theme is that system defined user controls and permissions will make your job as steward of the company’s assets easier. As your business grows, you inevitably need to let go of certain tasks and focus on supporting the business with its other growing pains. Manually monitoring user controls and permissioning should not be something to worry about on a daily basis and automating these controls can represent an easy time booster. For example, with Intacct you can implement systematic user controls so that non-accounting staff is restricted to entering and approving Purchase Orders only for certain departments and vendors. This will help reduce erroneous data entry, save time reversing entries and provide you with the peace of mind that non-accounting staff is not running rogue creating journal entries left and right.
For multi-entity businesses that run geographically dispersed teams, user controls are key in running a best practice finance organization. For example, let’s imagine your business just opened a sales office in Spain with a small finance presence that supports the sales team in order management. There are two straight forward business benefits of restricting access for the finance staff in Spain. Firstly, restricting them to only see the order management modules will reduce complexity in their daily tasks and streamline training. Secondly, by implementing systematic controls and workflows you can enforce established best practices from HQ in local offices without the need to be physically present.
In summary, controls and user permissions provide better assurance for management and the board on the stewardship of assets and the data they are basing decisions on. In addition, it helps you to stop worrying about what users are doing in the system, and most importantly, ease the dreaded conversation with your auditors each year.