SYSPRO Security Introduction

SYSPRO incorporates a number of facilities aimed at securing the system from unauthorized access. Security measures range from login authentication to passwords and access levels configured per operator against programs, transactions, activities and fields.

The various levels at which security within SYSPRO can be defined enable you to implement internal controls according to your own business requirements.

Access

SYSPRO incorporates a number of facilities that are aimed at preventing unauthorized access and ensuring authentication.

SYSPRO level

An operator id and password are required to access SYSPRO.

Company level

Access to a SYSPRO company can be restricted in a number of ways:

  • Create a company password to limit access to specific companies

  • Prevent further operator logins into the company

  • Lock out an operator from the system

Program level

Operators must belong to a group. These groups can be configured to prevent unauthorized access to SYSPRO.

Access to SYSPRO programs can be restricted in a number of ways:

  • Defining program access for an operator group.
  • Preventing operators from running a program using the File Run facility from the main SYSPRO menu.
  • Defining custom menus for operators.

Transaction level

You can secure access to certain transactions in SYSPRO at company, role, operator group and operator level using the Electronic Signatures program.

Transactions in SYSPRO can be secured in a number of ways:

  • Restricting access to transactions at company, operator group and operator level using the Electronic Signatures program.

  • Defining valid business processes against General Ledger account codes using the General Ledger Codes program.

Activity level

You can restrict access to specific activities in SYSPRO at operator level as well as by assigning passwords to specific activities.

Field level

You can restrict access to specific fields in SYSPRO by denying operator access to the editing of fields and viewing of sensitive company data.

Controls

Company-wide setup options enable you to tailor SYSPRO to suit a company's control requirements.

Operators

The basic control entity in SYSPRO is the operator id. An operator is any person in an organization who requires access to the company data to perform tasks. Operators are typically configured by system administrators, where a login name is assigned to each individual and access rights are configured according to the function the operator performs within the organization.

Operators enable system security to be controlled at an individual level, regulating the type of tasks and activities that individuals can perform, as well as certain field access based on the authority granted to them.

Other features of operator security control include:

  • Number of login attempts

    This indicates the number of times the operator can enter a password incorrectly before being locked out of the system. You can also print a selective list of operators based on whether a failed login setting has been defined.

  • Operator locked out

    This indicates whether a lock has been set against the operator (e.g. the operator's password has expired, or the operator has left the organization).

Groups and subgroups

In SYSPRO, security groups refer to a collection of operators who have access to company data. Groups are typically configured by system administrators and access rights are configured according to the function the group performs within the organization.

Subgroups enable operators to be assigned to multiple groups, which accommodates the need for certain operators to inherit the program access settings of a number of different groups, without the need to configure additional groups. When establishing an operator's level of access to a program, access is denied only if all the groups to which the operator belongs deny access to that program.
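Under the rule above, an operator's effective program access is whatever any one of their groups permits, so a single subgroup can override a denial set on the primary group. The following added example (not SYSPRO code; the group names, program codes and data layout are constructed assumptions, not SYSPRO's storage format) evaluates that rule and lists the denials a subgroup overrides, which is the list to check when reviewing subgroup assignments:

```python
# Constructed sample data: group -> programs that group denies.
GROUP_DENIES = {
    "AP_CLERK": {"SUPPLIER_MAINT", "PAYMENT_RELEASE"},
    "AP_SUPER": {"SUPPLIER_MAINT"},
    "REPORTING": {"SUPPLIER_MAINT", "PAYMENT_RELEASE", "INVOICE_ENTRY"},
}

# Constructed sample data: operator -> (primary group, subgroups).
OPERATORS = {
    "JSMITH": ("AP_CLERK", []),
    "MJONES": ("AP_CLERK", ["AP_SUPER"]),
    "TBROWN": ("REPORTING", ["AP_CLERK"]),
}


def groups_of(operator):
    """Primary group followed by any subgroups."""
    primary, subgroups = OPERATORS[operator]
    return [primary, *subgroups]


def granting_groups(operator, program):
    """Groups of the operator that do NOT deny the program."""
    return [g for g in groups_of(operator)
            if program not in GROUP_DENIES.get(g, set())]


def has_access(operator, program):
    """Denied only if every group the operator belongs to denies it."""
    return bool(granting_groups(operator, program))


def overridden_denials(programs):
    """Map operator -> {program: granting groups} for every program the
    primary group denies but the operator can still run via a subgroup."""
    report = {}
    for operator, (primary, _) in OPERATORS.items():
        hits = {p: granting_groups(operator, p)
                for p in programs
                if p in GROUP_DENIES.get(primary, set())
                and has_access(operator, p)}
        if hits:
            report[operator] = hits
    return report


if __name__ == "__main__":
    programs = ["SUPPLIER_MAINT", "PAYMENT_RELEASE", "INVOICE_ENTRY"]
    for op, hits in overridden_denials(programs).items():
        print(op, hits)
```
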

Roles

In SYSPRO, roles enable security and user-interface customization to be configured by organizational role. Roles provide a simplified means for a system administrator to pre-configure and control the user interfaces, settings, program access, access control and access to activities and fields presented to SYSPRO operators.

By default, a set of roles based on the SYSPRO Business Process Management System is imported to a SYSPRO company. This includes a sample organogram, which is a visual representation of roles and hierarchies within the company. The default organogram provides a starting point for a company's role management and can be customized or removed if a different hierarchy of roles needs to be defined.

SYSPRO also has a setting which, if selected, means that all operators must be assigned to a role. This ensures that whenever a new operator is added or an existing operator is changed, they must be assigned to at least one role.

Up to five roles can be assigned to each operator. This allows operators to switch between roles as required. This simplifies the process of managing security, because settings are defined once against the role, rather than against each individual operator.

Passwords

In SYSPRO, passwords form an integral part of establishing system security and enable the restriction of unauthorized access to companies, modules, programs and functions.

Passwords and password rules can also be configured against operators to improve the integrity of their use in the system. Operators can be compelled to change their passwords at prescribed intervals, and rules that must be adhered to when defining passwords can be specified (e.g. a minimum number of characters, forcing combinations of words and numbers, and preventing the recycling of operator passwords).

Setup

During implementation, setup options must be configured for each SYSPRO module. These enable the company-wide settings to be tailored to suit a company's operational environment and requirements. For example, you can configure how requisitions for purchase orders, stores and capital assets must be managed and processed; how variances during a stock take must be detected and reported; and how various transaction items must be numbered.

Electronic signatures

Electronic signatures enable the securing of transactions by authenticating the operator performing the transaction. This enables the implementation of access control at transaction level rather than only at program level.

Electronic signatures assist in the implementation of the effective segregation of duties. They are commonly used in companies where Sarbanes-Oxley compliance is required because they control access to the processing of specific transactions, as well as provide a trace of who performed each transaction and when it was performed.

Electronic signature triggers also enable the timely identification of abnormal events which may potentially point to fraudulent activity. Security access is controlled by the entry of a password before an operator is allowed to proceed with a transaction.

Monitoring

Monitoring allows observers to be aware of the state of a system so that action can be taken if any changes or irregularities occur. SYSPRO's monitoring functions include dashboards that provide a visual indication of what is happening, as well as systems which can be automated, so that continuous controls monitoring can be implemented.

Event Management

You can configure events that must be monitored in SYSPRO as they occur, and invoke third-party applications when this happens (e.g. stock falls below zero). The actions that can be associated with an event include launching programs, sending email messages to specified persons, or writing the occurrence of the event to the Event Log.

Triggers

Triggers are used to invoke third-party applications when a particular trigger is activated in SYSPRO (e.g. after adding a customer). Several of the available triggers can be used to highlight potentially abnormal transactions that may indicate fraudulent activity.

Electronic signatures can be configured to maintain a transaction log for auditing purposes, as well as activate triggers for integration to third-party systems or notification via email.

The Trigger options enable the configuration of multiple actions to be executed automatically when an electronic signature transaction is successfully completed.

Electronic signatures enable the configuration of VBScripts that can be invoked when a trigger is fired. This caters for almost unlimited triggering capability, since virtually any type of application can be invoked using VBScript.

Electronic signatures also enable SYSPRO Reporting Services (SRS) reports to be invoked when a trigger is fired.

Dashboards

SYSPRO Dashboards provide an interactive visual presentation of real-time data in the ERP system. They allow managers and executives to see the current status and trends of specific organizational metrics and to gauge how business operations are performing.

Role Conflicts

SYSPRO provides system controls to help companies ensure the segregation of duties between different staff members. One of these controls is the role conflict file which can be configured to contain a list of user-defined pairs that are considered to be in conflict within the organization.

Auditing

Together with risk and compliance management, the role of auditing is to analyse and assess business data, transactions and processes and provide insight and recommendations for changes, as well as notification of breaches of policies and procedures.

System Audit Log

System audit logs enable the company to track any changes made to the system that affect system security. In addition to enabling more effective system security maintenance, the audit log traces logins, which allows system administrators to make more accurate recommendations about the purchase of additional licenses.

Job logging

The Job Logging Setup program maintains a log file of all programs that have been accessed by operators. The log file stores information regarding the program accessed, the date and time that the program was accessed, the length of time that the program was in use, the operator who loaded the program, and the computer name and process ID (PID) from which the program was run.

Amendment Journals

Amendment journals track changes made to master files, company setup and operator information. You can report on these changes using SYSPRO Reporting Services.

SQL Diagnostics

The SQL Server Diagnostic Utility program identifies potential problems with the SQL Server database used by SYSPRO companies. It also identifies any differences between the existing database and the standard SYSPRO tables, columns and indexes that should exist as well as missing user-defined tables, columns and indexes.

Reporting

A wide range of reports can be used to audit the security and integrity of an installation by control account reconciliation.

SRS Report Archiving enables reports to be electronically archived in the version that was produced at the time they were run. This provides secure electronic access to transaction audit trails and financial statements.