Separation of duties in an ERP system is crucial to maintaining compliance. For example, a user should not be able to create a journal entry and then approve it, a second user must review and approve. An easy way to validate separation of duties between roles, especially during an audit, is running the “Show Role Differences” report in NetSuite. The Show Role Differences reports outlines both standard and custom roles in NetSuite with all of the permissions assigned and the level of access.
To access the report, navigate to Setup > Users/Roles > Show Role Differences
In the report setup screen, select a base role to compare to (this can be any role) and then multi-select (Ctrl+click) all of the roles being used to compare to. Deselect the Only Show Differences checkbox to ensure all permissions are listed.
Select Show to view results.
The results can be exported to Excel.
Each permission in NetSuite has an access level to determine the amount of permissions for the corresponding list, record type, report or transaction.
The following are general definitions of access levels for permissions.
- VIEW – User has access to view existing files only. The User cannot create new, edit existing, or delete existing files.
- CREATE – User can create new and view existing files. The user cannot edit or delete existing files.
- EDIT – User has access to create new, view existing, and edit existing files. The user cannot delete existing files.
- FULL – User has access to create new files and view, edit, and delete existing files.
For more information on this topic or others related to NetSuite, contact RSM at email@example.com or by phone at 855.437.7202.