Could anyone share a list of minimum expected financial controls that should be implemented in a new ERP system?

610 views2 Upvotes5 Comments

Sort By:

Oldest

Director of Finance in Consumer Goods8 months ago

Its important to review the complete trail balance to ensure that existing and new ERP is recording all the transactions. Also data can be analyzed on GL level to see proper migration.

2 1 Reply

Director of Finance8 months ago

Thank you Sahil!

Vice President - Internal Audit and Enterprise Risk Management in Healthcare and Biotech8 months ago

In my experience, there isn't a defined set of minimum expected controls, as each implementation varies in terms of ERP capabilities, project scope and how much of any given process is handled through the system vs. externally (either manually or via secondary systems). Areas where I would recommend you ensure receive adequate consideration (and which often don't) include:

* Segregation of duties
* Super user access, including firefighter capabilities
* Optimizing the use of application embedded controls (vs. manual, back-end controls) throughout the modules/processes that are in scope for your implementation
* Fraud identification and prevention
* Interface controls, to the extent that there are upstream or downstream integrations with the ERP

From an approach perspective, I've had success when including a controls workstream as a defined component of the overall implementation effort. This can require a fair level of effort but is preferable to finding controls issues post-implementation.

3 1 Reply

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

Peer Discussions and Polls
One-Minute Insights
Connect with like-minded individuals

Director of Finance8 months ago

Thank you very much Martin!

Founder in Miscellaneous8 months ago

It's all about finding the right balance. So, you need:

A) The right level on control to ensure you're reducing human error / not overspending
B) Not too much that you find yourself constantly approving stuff

My recommendations:

1. Map the areas of your process that come with the highest risk (e.g large POs, bank payments)
2. Determine what the minimum viable approval route is (e.g straight to department head)
3. Build with the path of least resistance in mind.

So this means:

- Not including anyone in an approval workflow that doesn't need to be involved
- Not triggering an approval workflow for small amounts of spend (I've seen some companies implement an 'anything up to £250' type rule)

At a minimum:

1. PO approval when the spend gets to an amount that will significantly impact your budget
2. Bank payment approval for invoices that haven't yet been paid

Then you can consider elements like:

1. Approval on coding (departments, employees)
2. Approval on journal batches (payroll etc)

Start with zero.

What will give you control, without unnecessary headache.