FSM security rules - GL staff

I'm trying to help our Finance leadership re-evaluate security access for the GL Staff.

I'm curious how /what others are doing.

Basically, I think I may have to create a custom security rule and I really don't want to... I've spent a week or so going thru delivered security rule/class report/xls showing accesses.
Need one group of staff to create/process/post journals but no access to update coa, open/close months, etc.
So I think my whole issue is around ability to create and post with the same rule. Staff Accountant_ST appears have everything needed except ability to post.

So I looked at FinancialProcessor_ST and thought I had a winner but it also has access to Assets and Billing.. so that won't work.

Any insight would be appreciated

Find more posts tagged with

Accepted answers

All comments

unknown

We encountered the same thing. While we would have preferred to use the standard delivered roles they did not segregate duties as we desired either. So, unfortunately we have a lot of custom roles for GL, AP and SC rather than using the standard delivered roles.

unknown

We are in a similar spot - had to customize roles to accomplish segregation of duties in various roles. We continue to push on Infor to ensure they're contemplating SOD in their base roles across the app, as I think we'd all like to get out of the custom security space. Let me find out if we have an ER entered that you can endorse; if not I can put you in contact with the person owning this for us, if you'd like to get engaged and help convey the need for this functionality.

don-kintzle

We are not yet on CSF but are going in this direction and I agree the delivered roles need to take SOD's into consideration when creating/supplying the standard roles. I understand SOD's can vary from Organization to Organization, but there are some industry standards that could be applied. Custom security always presents a problem when troubleshooting an issue with Infor Support as well.

unknown

We have had several instances, the most recently being with the May CU that we are still dealing with, that changes that should not have impacted us because we don't use that level of security broke our Finance security roles and we had to work with Infor to figure out how to get them working again. We are still working through issues that the changes in May caused not allowing our accountants to create and journalize entries.

sherry-sturdivant

Agree with the comments. Segregation of Duties (SOD) within the standard roles should be delivered functionality within Infor.

unknown

Thanks everyone for all of your feedback. I'm an IT resource and learning finance as I go But one of my struggles is finding what truly is 'SOD'. Our auditors have called out that staff creating the journal should not be able to post the journal. So in that thinking, the delivered StaffAccountant rule meets that requirement but we are not set up to operate that way with our resources.

unknown

We do not segregate that functionality either. We do segregate the ability to create accounts and the GL structure from being able to create and post entries.

unknown

I created ER for a rule to allow create and post of journals as it's own rule.

https://ers.infor.com/Ers/SoHoXi/Request/XiDetails.aspx?erID=57293&AER=false&tbv=1

unknown

Please go endorse the ER for a security rule to allow create/post so you don't have to create custom or give them access to coa/open closed months with the Controller_st rule.

https://ers.infor.com/Ers/SoHoXi/Request/XiDetails.aspx?erID=57293&AER=false&tbv=1

Copyright © 2025 Infor. All rights reserved.