Resources
Understanding Role Delegations in Oracle ERP/HCM Cloud
Fraud and Data Loss - one and the same?
Securing the Financial Close
Yardi provides a comprehensive set of Applications to manage Real Estate Organizations. These Applications, like all Enterprise Resource Planning solutions are design to run your processes from end to end.
With all of these Applications, the need to manage Risks to your Financial processes is extremely important. Key Risks include:
* Falsifying invoices. Through inflating costs or modifying project costs, Organizations can face irregularities in accounting due to mismanagement of Project spend
* Discrepancies in Rent/Payment. By adjusting Rent/Payment Terms against those received, 'skimming' (taking the top off Rent payments) is a very prevalent fraud which is hard to detect due to the many micro transactions that take place
* Modifying Asset Values. Adjusting Receivables and modifying Asset values creates the opportunity to inflate Revenues and Valuations
* Substituting Assets and Materials. Like those mentioned above, adjustments made to Financials are a key Risk, but in this case - Suppliers substituting materials or goods for cheaper ones create Risks. These include: infringing upon deliverables, inflating project costs, decreasing brand value and introducing the potential for un-approved and potentially illegal products being deployed.
* General Financial Error and Fraud. As with other industries, traditional Finance and Accounting is susceptible to Error and Fraud
As a Yardi customer, you are likely using a number of Products or individual Applications that combined form your Real Estate Application portfolio. For many Organizations we work with, they are also using other Vendor Applications, perhaps CRM from Microsoft or SalesForce, Payroll and HR from Oracle, SAP, Workday or other.
If you are using an Application such as Rent Cafe, this may be tied into Voyager, and both are are utilizing Client Central for Application Management.
Together, your Application portfolio provides the force needed to not only manage your Business but drive it's growth.
Whether you are a Publicly Traded Organization or not, tight controls around the many transactions across your Real Estate portfolio is critical!
Yardi solutions require a cross Application review of the controls, making sure that Transactions that take place across these Applications are secure is a problem because:
* There is no enforcement of Segregation of Duties, within and across Applications
* Limitations on Role design, Users can only belong to one Role meaning they share many conflicting Transactions or you need a higher number of personalized Roles
* Lack of fine grained control around elements such as ySQL, Production access with Read/Write ensure full ability to make changes
* No Segregation of Duties and Sensitive Access review mechanisms
In addition, many Organization's don't have a Risk/Control matrix that is suitably applied to their Applications. A good matrix should 'translate' the Organization's objectives into how the configuration of the Yardi Applications meet them: do we have effective control over our Rent invoicing and collection? Are our assets secure from mis-management? and more
This process entails analyzing all of the Settings and Security to determine conflicting issues and the right remediation and definition of the processes.
If you are struggling to implement a program for effective Controls in your Yardi (and more) Applications, Seecuring provides a subscription based service that combines Technology and Services to not only review the issues in your Applications, specifically:
Segregation of Duty identification and resolution recommendations.
Sensitive Access analysis.
Access to Production Data and Databases (especially in Client Central.
Bringing any customizations into your risk and control processes.
We have been working with ERP/HCM Applications since the early 2000's, and work with leading CPA's, Audit staff and Application specialists to deliver a complete solution.
Before you invest in expensive Software, why not look at GRC as a Service? Faster delivery, lower cost, and more than just reports on your issues - we help Organizations achieve their goals for Internal Controls.
Reach out to us below if you want to get your Application's under control:
Fraud and Data Loss - one and the same?
Securing the Financial Close