https://netsuiteprofessionals.com logo
Join Slack
Powered by
Hi all Is anybody using Strongpoint? <https://ww...
# general
r
Hi all Is anybody using Strongpoint? https://www.strongpoint.io/netsuite-usecases
e
We're using StrongPoint.
r
How do you find it Eric for executing the UAT in a Netsuite implementation
Thanks
e
Did you mean UAR (User Access Review)?
j
Hey @Eric B, we are negotiating for a licence with Strongpoint. Can I ask what your use case is for it, what you think makes it worthwhile and what you think it’s lacking? Also what tier are you on?
e
Hi @jen I believe we're on the premium tier which works great for us since StrongPoint was able to hand-hold us through the process. We needed it for SOX compliance and SOD conflict resolution in preparation for going public. The initial recommendation was another software to handle SOD conflicts and we went with StrongPoint because it runs natively in Netsuite versus the other approach which was to pull data from NS and then manage it in a separate external portal. The main advantage we get from having StrongPoint is a real-time engine that helps monitor both SOX compliance and SOD conflicts. And because it's in real-time, we don't need to prepare reports for documentation and evidence purposes.
There are so many more other advantages like ERD where you can search for a control, a saved search, etc and view the ERD to find out what other parts are affected. With a sandbox we've been able to preview say a permission or role level change before deploying it in production because StrongPoint would flag it as an SOD conflict in sandbox.
We also get the benefit of managing change as either compliant or non-compliant and resolve non-compliant changes.
j
These are exactly the sorts of things we thought it would be handy for. It’s tough as nobody here has experience with it so it’s hard to tell the true value. We are rolling NetSuite out from our small company of ~40 people (was 7 when I joined 5 years ago), to the larger team of ~300.
going from just me doing all the admin to obviously a larger more complex permissions/roles set etc
Thanks for the info
👍 1
e
@jen I would definitely start with cleaning up roles and permissions since native Netsuite role setup isn't really geared for SOX compliance and SOD conflict mitigation. C-Suite people with the CEO and CFO roles don't really need anything more than view only access. I'd start with those and get it ready. That's really where the challenge is and much of the grunt work.
I created a script that allows for mass assigning/changing permissions for roles
j
oooh nice
I have a role / permissions audit tool so I can basically generate a spreadsheet of everything
except I’m not sure how to clean up field-level permissions, and also the whole Custom Record business
I didn’t realise you could change permissions via script, taht will be handy
e
yes it was a real time saver especially when you have a ton of roles and permissions to change and a looming deadline!
And if you're using JIRA, StrongPoint has an integration that works with JIRA so that you don't need to do double entry for the ITGC management records.
In terms of what's lacking it's all really subjective. For example, an ITGC request doesn't have an in-between status from Approved to Complete. The use case is after performing the change, it may need to take a while to Complete (close out) the approved ITGC request because you may need feedback that the change you performed worked as expected. So it's a bit hard to track the ones that have been worked on versus the ones that have been approved and not worked on since the only status after Approved is Complete.
3 Views
Open in Slack
PreviousNext
Powered by