In NetSuite, the Administrator role gives users broad transactional powers — and with that comes the potential for fraud. In an ideal world, no one user would be able to create, edit and delete any and all transactions in a production account.
Of course, as we all know, the real world is messy. Transactional changes by admins are sometimes necessary. However, detecting these changes is more difficult than you might expect. As a result, even if you trust your team completely, audit readiness can be a challenge.
Regularly monitoring and reviewing all transactional changes made by users with admin privileges is a key part of prepping for SOX compliance — not to mention a best practice for staying safe.
The Problem With System Notes
It’s entirely possible to monitor transactional activity using NetSuite’s system notes. The problem? False positives.
As you’ll see, system notes have limited filtering capabilities. And they don’t always accurately differentiate between changes made by Admin Scripts and changes made by users through the UI. Which means that a lot of the results they generate aren’t actually changes that need review. In order to get accurate reporting, you need to compare a list of system notes flagged as being made in the Administrator role with a list of Administrators.
That’s where Netwrix Strongpoint comes in. Our Agent Control module automatically searches system notes for transactional behavior, and crossmatches the results against the Employee Record to find all changes made by users with admin or related privileges. This effectively filters out false positives, so you — and your auditors — can focus on what’s most important. It also ensures that your report is always up to date to include any new Administrators.