Managing PeopleSoft User Access: Data Privacy, SOX Compliance, Audit Reviews

Published by Macy Sears on January 20, 2021

Controlling PeopleSoft User Access for Audit Reviews

Do you know which employees can access PII/PCI data? 

If you’re only analyzing PeopleSoft user access in preparation for a periodic review, it’s time to rethink your current auditing procedure. Managing PeopleSoft user access goes beyond spreadsheets identifying audit controls. The fact is, audit information from Excel documents and email chains isn’t accurate. That data quickly becomes stale and doesn’t reflect the company’s current state. 

Sentinel categorizes User Audit into 5 main sections:

  1. Employee Roles
  2. Correction Access
  3. Sensitive Data
  4. Privileged Access
  5. Segregation of Duties / SOX Compliance

At Sentinel, we’re making PeopleSoft audits easy. We’re replacing the traditional outdated spreadsheets and manual queries with real-time audit reports. The Sentinel audit dashboard displays instant metrics for your target audit controls. You’ll gain on-demand insight into the progression of your employee audit reviews. Most importantly, you’re cutting out the manual time and labor associated with PeopleSoft audit reviews by shifting the process online.  

Sentinel’s Software application comes complete with best-practice audit controls for HR, Finance, and Campus Solutions. Organizations may also customize their own controls to best suit their auditing needs. With Sentinel, managing PeopleSoft user access and meeting compliance regulations is simple and affordable

Employee Role Review

At Sentinel, we offer a continued solution and believe in the success that comes along with shared knowledge. We provide accurate audit reports and reviewing tools, accessible by your own team and on your own terms. 

Shouldn’t managers internally review their employee’s roles, as they know their team best? Sentinel provides simple reports for managing employee roles and user access. View snapshot metrics indicating target audit issues for your direct reports. With Sentinel, you’ll complete online employee reviews, recording an approval or removal notation for your employee’s PeopleSoft roles. 

Easily approve or deny a user's PeopleSoft roles.

Correction Access

In addition to identifying user access for target audit controls, conducting an accurate PeopleSoft security risk assessment requires also knowing a user’s corresponding access level. This means, not only being able to know which users can view sensitive data, but also who are the ones making changes. Sentinel categorizes this high-level of user access into its own reporting and reviewing tool, known as Correction Access. 

Review user's with correction access.

Sensitive Data

Sensitive data refers to PII/PCI information. Organizational gaps with data privacy or managing sensitive data increase the risk of security breaches. Sentinel’s application includes real-time reports and analysis for users with data access for personal information, such as social security numbers, bank accounts, and addresses. Traditionally, this information is found through manual PeopleSoft queries. Sentinel works to simplify the process by providing instant information without queries to easily complete reviews online. 

Sentinel’s solution is implemented with best-practice sensitive data audit controls for HR, Finance, and Campus Solutions. The application also allows for customizable controls, added or removed at your discretion.

Privileged Access

Sentinel’s privileged access controls highlight designated user functions or pages. For example, the ability to define salary grades or print checks. Sentinel displays the users with the function access, along with the ability to approve or flag the action for remediation.

Segregation of Duties / SOX Compliance

The final component in Sentinel’s user audit module contains reporting tools for Segregation of Duties, SoD controls. The principle follows the Sarbanes-Oxley, SOX compliance regulations, where user access for a specified control prohibits access to its corresponding counter control. An example within the HR system includes an employee who defines salary plans should not be able to confirm payroll. 

While entirely customizable, the Sentinel application is delivered with industry best practices for PeopleSoft audits and compliance regulations. Sentinel provides simple and easy-to-use solutions for managing PeopleSoft user access. Interested in learning more? Contact our team for an individualized software demo.

Related Articles