skip to Main Content

Security Audit Services Offering

Security Audit Services Offering

let-sap

At iCloudfluence, we understand that a strong security model is imperative for having a clean, operational system. We also understand that Workday security is not a set-it-and-forget-it module; with constant new functional areas, functionality, and multiplying domains, a continued way to see the status of your security is important.

We offer a complete review of security and authentication across all functional areas of your system (HCM, FIN, Student) paired with consultant advisory and recommendations as well as executive level deliverables and custom reporting for increased security visibility and continued maintenance

Security-Audit-Services-Offering

The Key, High-Level areas we audit:

let-sap
  • Authentication Setup and Weaknesses
  • Domain and Business Process Security Policies
  • Organizations and Role Assignments
  • General User Access to Tasks and Data
  • User Access Exceptions
  • Business Process Configuration and Historical Performance
  • Custom Report Catalog (including report sharing and exceptions)
  • Integration Security and Account Configuration
  • Background and Scheduled Future Processes

The Key, High-Level areas we audit:

let-sap
  • Security configuration with systemic issues causing process routing issues (unassigned tasks) and unwanted data exposure
  • Non-public items (reports, manager tasks) available publicly or to non-managers
  • No authentication enforcement for specific populations (back-end loopholes for Single Sign On or multi-factor authentication)
  • Non-essential Workday accounts available for login (potential for breach)
  • Scheduled Processes with errors preventing completion

Some final, specific details of the audit package:

let-sap
  • The package consists of over 20 custom reports that monitor and identify specific issues and non-best practice configuration
  • The audit is completed by a Workday Security Architect who performs the initial audit, reviews the findings, and recommends/helps prioritize solutions to issues found
  • All reports are built into a dashboard that can be reused in the future for ongoing monitoring and periodic audits

    Back To Top