Surviving an HRMS Audit: 4 Essential Steps
Nothing causes instant heartburn as much as the words, ‘the auditors will arrive Monday.’ When you have an HRMS, and in particular where you have payroll data in the HRMS, you often fall under the Sarbanes-Oxley Act (SOX) due to the Finance implications and are a prime target to audit. Here are a few steps to get your system ready to shine in an HRMS audit situation.
Make Sure Your User Controls Are Iron-Clad
One of the first questions in an HRMS audit will be, ‘show us your documented process for HRMS user access.’ The second question will then test your processes to ensure that you are acting in accordance with those procedures. If HR VP’s regularly bypass the documented form process through an email, either change the process to accommodate this working practice, or change the behavior.
Get a Handle on Full-Access ID's
Auditors are particularly interested in users who span multiple areas of control, for example, someone who can enter a new employee should be different than the person who runs the payroll. One data entry professional should not have the rights to both enter and approve a new salary. If you have people who control multiple areas, be sure that there is a system of checks and balances, such as one person may perform a mass load of salary increases, but a different person tests the loaded file and signs off on it.
Practice Test in Advance
The auditors will question multiple people to be sure that processes are handled consistently. It’s helpful to get everyone in the same room and walk through the documentation as well as the location of it. Then, go through a practice run of an HRMS audit; the usual audit sample size is 30, so your auditors will ask for a complete list of users and choose 30 of them and ask to see the forms to back up those user requests. A practice run gives you a chance to remedy any faults in advance.
Be Ready to Support HR Colleagues
An HRMS audit is often concerned about users and access, but SOX impacts HR too, especially in the hire and termination area. HR often needs data to support their audit activities, so it is always good to allocate HRMS staff in advance to be on standby for this support.
Four payroll errors that a new HRMS can eliminate
For a happier workforce, use your HRMS payroll module to avoid these common payroll errors
15 ways to minimize risk of ransomware attacks on your HRMS
Up your HRMS security and protect your company from ransomware attacks using these tips
On-premise HRMS security: four tips
How to beef up security for your on-premise HRMS, including disaster recovery, mobile security an...