Where should I look (UBE) to find out who approved a GL batch an who posted it? An auditor would like a report on this history.
HI, Do you find any clue, which is the reason of this?Is audit history functionality available for JDE 8.12 E1? Will is solve my issue explained below?
I am doing a control audit and one of the most critical areas for my scope of work is journal entries. Currently, I do not have the ability to go into a manual batch and see who entered the batch and who posted the batch. There are two fields in JDE: (1) Transaction originator and (2) User ID. Prior to fieldwork it was explained by JDE administrators that the user name shown within the Transaction Originator field represents the employee who entered the batch and the user name shown within the User ID field represents the employee who posted the batch to the GL. During recent fieldwork, I identified multiple transactions where the user name within the Transaction Originator field and the User ID field had the same user name. This makes it appear that employees have the ability to enter and post a respective manual batch, which is an SOD issue and conflicts with what JDE batch security is supposed to provide.
When I reported this as a finding, JDE administration came back and said that it is impossible that the employee in question could have entered and posted the batch. I responded with relief and simply requested instruction on how to generate JDE support that showed me who definitively posted and entered and I would clear the finding as a false positive. JDE administration came back and said they could not provide this information because the User ID field is updated with the last username who accessed the batch (whether changes were made or not).
So the issue now becomes there is an inability to see, on an ad hoc basis, electronic IDs of employees responsible for entering and posting manual transactions to the GL. I believe this is a significant weakness and results in audit’s and management’s inability to drilldown (with no ambiguity) to hold people accountable for inappropriate behavior if risks compromising investor protections are realized.
I realize looking at batch security could be an alternative procedure; however, I would be assessing batch security settings a point in time other than the date of the transactions I found with same user name in the Transaction Originator and the User ID fields. So assessing batch security does me no good right now.
So, can audit history be turned on for JDE E1 8.12? If so will it show me on an ad hoc basis who definitively has entered and posted a batch? Any insight would be much appreciated (I have read all oracle info in the books I could find) and still can’t get a direct answer. <font color="black"> </font>