payroll/HR permissions best practice

we are looking at controls for a new HR and Payroll system. We need to ensure users permissions in the system are free from fraud/misuse, through effective separation of duties and granting of access permissions. Are there any specific types of permission in HR and payroll systems where no one officer should be able to perform multiple tasks without a secondary officer involved, e.g. separation of duties/'high risk' functions from a fraud/inappropriate use angle.
LVL 4
pma111Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

masnrockCommented:
IT people aren't necessarily the best people to ask for that type of answer. You should be working with HR and payroll to determine that one. If they're unsure, then it would make more sense to get advice from consultants in the HR or payroll arena rather than on EE.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pma111Author Commented:
Will leave it open as my thinking was technical developers may be tasked with defining security roles with this subject in mind.
0
masnrockCommented:
I get why you asked, but the question you're asking is more of a process question than a technical one. That's why it makes more sense for HR and payroll to answer.
1
Blue Street TechLast KnightCommented:
Hi pma111,

I'd mirror what @masnrock has mentioned.

If you were to ask, "what type of security mechanisms should be in place to insure an internal employee does not have the ability to compromise or infiltrate the security boundary of the HR department's network" that might be an example of something we (IT) could offer advise on. But as it stands your questions is much more related to a compliance officer, CPA within the realm of compliance, a process control officer or an HR manager.

You are in the right spot for all things IT but for this question, I'd recommend you lookup some HR specific forums.

Let me know if you have any other questions!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Human Resources

From novice to tech pro — start learning today.