Larry,
It sounds like you're on the right track. Having a single Security Task for all SmartList objects is a gross oversimplification, born out of the necessity for brevity in a blog post. I would recommend creating several SmartList object Security Tasks (e.g. Finance, Sales, Purchasing, etc.), and assigning them only as necessary.
SmartLists can see into a lot of related data from one easy vantage point, which is what makes it such a cool tool. It is also pretty neat that you can click through records to various transaction inquiry and master record maintenance screens by double-clicking on a record in the results or other navigational cues.
That being said, as a SOX veteran, I can say we traditionally don't spend a ton of time on SmartList security. Since the goal of SOX is to create a framework that prevents financial fraud by implementing internal controls, and SmartLists themselves do not allow users to edit data in Dynamics GP, SOX concerns for SmartLists are minimal. Any links from SmartLists to GP windows will check to see if the user has access to the form before opening it. If security has been properly implemented in GP, only authorized users will be able to open screens from SmartLists that enable them to edit data.
My comments above are not intended to be flippant about security considerations of SmartLists. It is a good idea to offer access and training in SmartLists to only skilled and trusted personnel - it would take approximately 60 seconds for a skilled person to export your Customer List, Purchase History, etc. to Excel using SmartLists. It is also possible for novice users to create inaccurate reports without proper training and testing.
As of this writing, a user who has access to a SmartList folder (e.g. Financial) has the ability to use all SmartList objects in this folder. There is no lower level in the Security Task setup to control access to Accounts, Account Transactions, etc.
Thanks for the follow-up question - I hope this helps.