Name: Three Things You Need To Know About Salesforce and SOX Compliance
Start: 2021-04-29T18:00:00Z
End: 2021-04-29T18:00:27.000Z
Location: BrightTALK
Rating: 4

Strongpoint has joined forces with Netwrix, a cybersecurity vendor that makes data security easy. 

This channel is no longer being updated. If you want to stay up to date with Strongpoint, please subscribe to our main Netwrix BrightTALK channel: https://www.brighttalk.com/channel/17251/

Access management is your first line of defense when it comes to protecting data in NetSuite. After all, when you’re aware of who can see and do what in the platform, and have a system for tracking how it changes over time, it’s much easier to build strict data security controls.

At the same time, however, users need the appropriate permissions to do their jobs effectively. Whether you’re a private company trying to manage your NetSuite account according to best practices — or a public company according to compliance regulations — you need to balance security and control with flexibility and functionality. 

Unfortunately, establishing an effective access management strategy can be difficult and time-consuming — especially in mature NetSuite instances. 

Join us on Tuesday, November 16th at 2pm EST to learn about a new approach to access management with Strongpoint. We’ve helped countless organizations running NetSuite build access controls that are highly effective, highly secure — and don’t make things more complicated for Admins or users. In fact, with Strongpoint, you can save hours of work on an ongoing basis — while mitigating your compliance and security risks.

A Complete Approach to Access Management in NetSuite

Revenue Cloud has been a game changer for many public and pre-IPO companies — but if you’re not focusing on compliance requirements in your billing systems, you might end up doing hours of manual audit prep. Even worse, you'll end up dedicating a considerable amount of resources and money as a result of a failed audit.

As more and more organizations manage revenue-related data on Salesforce , auditors have taken note — and companies subject to SOX are being asked to prove they have tight controls and visibility into changes to things like access, metadata and data.

On Tuesday, September 28th at 2PM EDT, we’ll be walking you through some best practices for managing your Revenue Cloud compliance requirements in Salesforce. Learn what trends are driving Revenue Cloud adoption and what’s in scope in your Salesforce system — and how Strongpoint’s suite of compliance tools can help get your CPQ and Billing systems audit-ready with less work, and less stress.

On the Agenda:
- What’s in scope for SOX requirements in your Salesforce Org
- Trends driving Revenue Cloud adoption
- Revenue Cloud — best practices and how Strongpoint helps

Why Revenue Cloud Is In Scope for SOX Compliance — And What You Can Do About It

Busy Orgs have established processes and systems for managing delivery and deployment. So what happens when SOX compliance imposes a bunch of new reporting requirements on them? 

Proving that you understand why changes were made in your production environment — and showing that there are controls in place to ensure appropriate reviews/approvals — is a key requirement of SOX. But that can be complicated if you use Jira or Salesforce Cases for running tickets. 

You could spend hours manually reviewing change logs and tying them back to an originating request and approval. Or you could integrate with Strongpoint, and automatically reconcile your tickets to deployed changes in your Org. In our next webinar, we’ll show you how. 

Strongpoint’s integrations let you focus on speed and innovation while adding the extra governance layer your auditors expect. And you can do it without significantly changing the way you work now.

Our agenda includes:

- A summary of key requirements for SOX on the Salesforce platform
- An overview of Strongpoint’s impact analysis, change Log reconciliation and SOX reporting capabilities
- A demo showing how Strongpoint integrates with JIRA and Salesforce Cases

Streamlining SOX Compliance for Salesforce: Cases and Jira Integration

Heading towards an IPO and worried about SOX compliance? Already subject to SOX and want to make your audit process easier? We’re sitting down with four NetSuite professionals who’ve found ways to automate the hardest parts of SOX compliance and audit prep.

NetSuite is the ERP of choice for growing companies, and it’s no surprise that so many organizations going through the IPO process struggle to get their systems in order for SOX compliance. The good news is that many NetSuite teams have been through it before. Our panel includes finance, IT and systems leadership at recent IPOs who are eager to share what they’ve learned.

We will kick things off with an overview and best practices from Spencer Roundy from the Cadence Group. Then, in what is sure to be a wide-ranging discussion, we’ll cover:

- When and how they got started
- Who owned responsibility for what
- What tools helped them through the process
- What were the biggest challenges
- What was most surprising about the process
- What they’d do differently if they could

Meet our panelists:
- Dave Witty, VP of Financial Systems at SiteCore
- Spencer Roundy, Director at The Cadence Group
- Christy Shwartz, Chief Accounting Officer at Opendoor Technologies, Inc.
- Amy Carlson, Director of Customer Success at Strongpoint

Space is limited, so be sure to register to secure your spot today.

Panel Discussion: Prepping for your First - and Best - SOX Audit in NetSuite

Salesforce is a famously versatile, highly customizable platform. Which is great if you’re a growing company looking for a platform that will grow alongside you. But if you’re an auditor looking to see tight controls over critical configuration changes and user access, the ease with which metadata and configuration data in the system can be changed is cause for concern. 

Salesforce’s Audit Trail and Field History Tracking tools offer a variety of solutions for this problem. Using them, and a considerable amount of manual work, you can get very close to producing change reports that will make your auditors happy.

But audit requirements — primarily for SOX, but also for industry-specific compliance standards — are changing. Auditors are becoming more familiar with the platform and asking to see more detailed reporting.

What's On the Agenda?
In this webinar, we’ll show you how to start prepping for audit using the Salesforce Audit Trail and Field History Tracking. Then, we’ll cover the four main gaps they leave, and how third-party tools like Strongpoint help close them:

- Access controls: Taking a deep dive into roles and permission sets
- Scope: Keeping tabs on what’s in scope for SOX and ignoring what's not 
- Change logs: Tying completed changes back to an originating request
- Configuration data: Controlling for changes to critical configuration data (such as CPQ)

Salesforce and SOX: Beyond the Audit Trail

NetSuite roles and permissions are powerful tools for maintaining safety and compliance. But, at first glance, they can seem complicated.

This free crash course takes an in-depth look at best practices for understanding, establishing, maintaining and cleaning up roles, permissions and access in NetSuite.
What's On the Agenda?
1. Understanding User Roles
- Permissions
Permission levels
- Required forms and list views
- Role settings
- Script dependencies
- Cleaning up unused roles
2. Understanding Permissions
- What is a permission?
- What are tasks?
- How do permissions affect navigation?
- Cleaning up unused permissions
3. Managing Access
- A real-world approach to segregation of duties
- How to protect your data using NetSuite’s access controls
- Implementing two-factor authentication and SSO
- IP locking

Crash Course: NetSuite Roles and Permissions

If you’re a publicly traded company running NetSuite, or are in the early stages of planning for your IPO, this webinar will help you lay the groundwork for an easier path to compliance. In this webinar, we begin by looking at what’s in scope — what, in our experience, auditors are looking for when they look at your NetSuite account. Then we cover some of the key challenges companies in your position face when prepping for an audit. Finally, you’ll learn about two publicly traded companies who are using Strongpoint to keep compliant and sail through audits every quarter.

The agenda:
- What’s in scope for SOX?
- How long should it take to prepare for audit?
Key challenges:
- Understanding the customizations in your account
- Tracking changes and assessing their impact (Scripts, Workflows, Managed Bundles, etc.)
- Establishing policies for compliant change management
- Automatically linking change logs to approved change requests
- Proving to auditors that policies were followed and you have a complete and accurate view of system changes
- Showing auditors where things slipped through the cracks
- Managing segregation of duties and access control issues
- Building compensating controls
SOX audit success stories:
- Smartsheet
- ZoomInfo

We hope to see you on May 13th!

Proactive Audit Prep in NetSuite

This webinar is ideal for IT, Finance or Audit leadership concerned about Salesforce and SOX compliance.

In it, we look at the three areas of focus your auditors are most likely to be concerned about — access controls, metadata and configuration data. Then, we’ll show you how to automate key processes that will significantly reduce the work of getting ready for audit.

We'll cover:
Access
- Who can see and do what on the platform?
- Who has critical levels of access? 
- Controlling for changes to access and permissions
Metadata
- What’s in scope: revenue-related objects and business critical processes
- Understanding, managing and controlling changes 
- Proving visibility to auditors
Configuration Data
- What’s in scope: CPQ and Billing applications; data related to pricing, discount, approva;
- Managing and tracking changes to custom objects
- Creating audit-ready reports

Many of these requirements are now in scope for SOX, and Salesforce teams are getting caught off guard when they come up. Taking the time to get proactive now can save you a lot of work and expense in the future.

Three Things You Need To Know About Salesforce and SOX Compliance

Change Management

Metadata

Configuration Data

User Access

Compliance

Audit

Data Protection

Secure Access

Enterprise Applications

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

The accounting and tax community on BrightTALK features relevant content around tools and strategies for tax planning, internal controls, auditing and more. Join the conversation by engaging with accounting and tax thought leaders and accountants and asking questions during live webinars and round table discussions on tax and auditing topics.

Accounting and Tax

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Three Things You Need To Know About Salesforce and SOX Compliance

Presented by

About this talk

More from this channel