Trek – How a Mid-Market Private Manufacturer handled JDE Security (the easy way)
Tom Spoke – Global IT Director, Trek Bikes
Mike Ward - CEO, Q Software
Tuesday 21st August #JDEINFOCUS

Agenda • Introduction & Objectives • Trek – Company & ERP Setup • Why Audit is Important – MW • The Challenges at Trek • Solutions • Futures – MW • Summary - Lessons #JDEINFOCUS

Objectives – Learn…… • how a well-known company protected its brand with increased focus on security and fraud protection • how a fellow JDE customer established risk controls efficiently and effectively, particularly in light of rapid growth. • how a private company opted to achieve greater control of unknown risks #JDEINFOCUS

Tom Spoke • Global IT Director • 16 Years at Trek • ERP & Inventory & Supply Chain • Business Process Improvement • Wisconsin • Cyclist

Mike Ward • 40 Years IT Experience • ERP from the Beginning • 200 Audits • @mikeaward • Not a Cyclist

Trek Bicycle Corporation #JDEINFOCUS

Trek Bicycle Corp at a Glance • Established in 1976 in Waterloo, WI, in a barn with 5 employees • Sells over 1.5 million bikes annually • Design and distribute parts and accessories • 2,000 employees worldwide • 16+ subsidiary offices in NA, Europe, APAC, SA, and Africa • Serves a global marketplace with a diverse product line – sold in over 100 countries #JDEINFOCUS

Trek Bicycle Corp ERP Structure • JDE 9.2 (9.2.2.2 Tools Release) Globally for Distribution, Manufacturing, Finance • Implemented JDE 9.0/9.1 in APAC in 2011, upgraded NA in 2013, EU in 2014, 9.2 in 2018 • 3PL models in APAC, Mexico, South America, South Africa, India • Users and Scale • Approximately 1000 users • 500 concurrent • Infrastructure • AS400, IBM DB2 Database #JDEINFOCUS

Why do you have an ERP System? #JDEINFOCUS

Has your company experienced Fraud? © PwC 2018 Crime & Fraud Survey #JDEINFOCUS

What Can Happen? • Theft of IPR • Accidental Data Error • Process Error • Change Control Mistake • Financial Manipulation • Fraud #JDEINFOCUS

No-one would do that to us #JDEINFOCUS

65% Employees 21% Former Employees #JDEINFOCUS

Dutch infrastructure group Imtech NV was at the centre of fraud allegations in 2013, after an internal investigation revealed fraud had cost the company hundreds of millions of euros. It was alleged that senior executives of Imtech’s German division ordered managers to revise their financial statements upwards, and made €30m in unjustifiable payments to a company it refers to as “X Group”, which employed former managers from Imtech. Between the fraud first coming to light in February 2013 and June 2013, its shares fell by 60%. In all, the company lost a value of €1 billion on the stock market, and in June 2013 the company confessed that the internal controls had not worked. And on 13th August 2015, Imtech NV went …….

Trek – Regarded as an Ethical Supplier • Today’s Climate • Fraud in the news • Email scams/phishing • Need for tighter controls and better visibility • Need for simplified audit process • Multiple Roles • Smaller Subsidiary offices • Many hats • Multiple Regions – localizations • Analyst Roles #JDEINFOCUS

Issues with Native JDE Security Tools • Complex • No easy way of showing or analyzing • Who has access? • What do they have access to? • Why? • AM and SMP From Q Software • Build and Analyze Segregation of Duty Models • Automatically generate security to match business processes • Apply and Store Mitigations • Easy to read, thorough reports for auditors • Analysis and Reporting for Administrators (to see and fix issues with their security/Roles) • Fully auditable trail of all security changes #JDEINFOCUS

Setup Process • Business Involvement – Key to success • Internal auditor • Controller • Operations Manager #JDEINFOCUS

Trek – Cultural Change • Heightened prevalence of Fraud led to the Board’s awareness of the importance of good security and controls • Appointed Internal Auditor • Implement rigorous Segregation of Duties controls to reduce risk, and satisfy external auditors • JD Edwards Upgrade: • Allowed for the opportunity to redesign security and implement an efficient Role-based model #JDEINFOCUS

Chose QS Tools – Two Phases • Security Management • Provide a more logical approach and much friendlier security interface • Wanted a hierarchical model with three levels: • User • Supervisor • Manager • Audit – Main Focus of this Presentation • Analyze Risks • Implement SoD • Auditor Reporting #JDEINFOCUS

Phase I - Security Management • Audited Live Security • Reviewed • Object to Object • Duty to Duty • Role to Role • Single Object • Imported Menus – Auto-Created Roles • Role Refinement • Go Live #JDEINFOCUS

Audit Problem • Who has access to these programs? • Answer: Run complicated query over a limited set of criteria • Looking at primary roles • Small set of high alert programs • P0911 • P03B11 • P0411 • P01012 • R04572… #JDEINFOCUS
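
Why a query that looks only at primary roles under-reports, shown as an added example (not code from the presentation or from Q Software). Role names, users, the SoD rule pairings and the mitigation are constructed for illustration; access is modelled as the union of every assigned role, which ignores JDE role sequencing.

```python
# Constructed sample data. Program IDs are the "high alert" ones listed on the
# slide; role names and role contents are hypothetical.
ROLE_PROGRAMS = {
    "AP_CLERK":   {"P0411"},
    "AB_MAINT":   {"P01012"},
    "GL_ANALYST": {"P0911"},
    "AR_CLERK":   {"P03B11"},
    "AP_PAYMENT": {"R04572"},
}
# Constructed users; the first role in each list is the primary role.
USER_ROLES = {
    "ALICE": ["AP_CLERK"],
    "BOB":   ["AP_CLERK", "AB_MAINT"],
    "CAROL": ["GL_ANALYST", "AR_CLERK"],
    "DAVE":  ["AB_MAINT", "AP_PAYMENT", "AP_CLERK"],
}
# Hypothetical SoD rules: access to a program on both sides is a conflict.
SOD_RULES = {
    "Maintain supplier + enter voucher": ({"P01012"}, {"P0411"}),
    "Enter voucher + payment run":       ({"P0411"}, {"R04572"}),
}
# Hypothetical mitigation agreed with the business: (user, rule) -> control.
MITIGATIONS = {
    ("BOB", "Maintain supplier + enter voucher"): "Monthly supplier change review",
}

def effective_programs(user, primary_only=False):
    """Programs a user can reach through the primary role or through all roles."""
    roles = USER_ROLES[user][:1] if primary_only else USER_ROLES[user]
    return set().union(*(ROLE_PROGRAMS[r] for r in roles))

def sod_violations(primary_only=False):
    """Return (user, rule, mitigation-or-UNMITIGATED) for every rule a user breaks."""
    found = []
    for user in sorted(USER_ROLES):
        progs = effective_programs(user, primary_only)
        for rule, (side_a, side_b) in sorted(SOD_RULES.items()):
            if progs & side_a and progs & side_b:
                found.append((user, rule, MITIGATIONS.get((user, rule), "UNMITIGATED")))
    return found

if __name__ == "__main__":
    print("primary role only:", sod_violations(primary_only=True))
    for row in sod_violations():
        print("all roles:", row)
```
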

Phase II – Audit Implementation Plan • Run against Seeded Rules • Identified Key Risks • Planned Remediation • Work with Business • Mitigations • Gained Ownership #JDEINFOCUS

Content – Start with a Template • 150 Seeded SoD Rules • Key Risks in JDE • Work with the Business to Refine #JDEINFOCUS

Audit Reporting - Examples #JDEINFOCUS

Key Wins • Identified Gaps in Security that weren’t found in SQL • On-going security maintenance workload reduced by 65-70% • Day-to-day security changes are delegated to regional staff, freeing up skilled IT Technicians • Easy SoD Reporting gives the Trek team the information they need to identify risk, prioritize remediation efforts, and monitor progress #JDEINFOCUS

Results of Audit Phase • Excellent Success • Revised Security • Scheduled SoD Reports to run weekly “Without Audit Manager it would be impossible to run SoD Reports so frequently.” #JDEINFOCUS

Results of Trek using AM and SMP • The effort needed to set up security has reduced by 80-90% • On-going security maintenance workload has reduced by 65-70% • Task View Manager (TVM) tools saved an enormous amount of time and made it much easier to build new Roles. • Day-to-day security changes are delegated to regional staff • Now have a scalable, efficient Security Model • Easy SoD Reporting gives the Trek team the information to: • Monitor progress • Identify areas of risk • Prioritize remediation efforts #JDEINFOCUS

The Future of ERP Security • Continuous Monitoring (catch thieves) • Privileged User Tracking • Cloud Audit Tools – make Internal Audit Independent • Autonomous Security #JDEINFOCUS

Audit as a Service • Very Rapid, No Effort…… Answers #JDEINFOCUS

QCloud – a Huge Time Saving • Existing audit processes are manual • IT staff create reports • SQL/manual • Cobbled together spreadsheets • Auditors Review & Question (& loop) • Tools • Specialist On-Prem (Audit Manager) • Expensive & Very Complex (Oracle GRC/AACG) • QCloud Automates • Customer Log In • Request, Review • Download Report

Lessons to Learn • Reputation – you cannot repair a failure • Risk (& SoD) Control does NOT have to be Difficult • Use the tools • Build on Content • Build on the Experience of Others • Involve the Business (it’s a business issue) • Efficiencies in Security Management can provide an ROI #JDEINFOCUS

Please complete a session evaluation • Session ID: 101950 • Contact Info: Tom_spoke@trekbikes.com, mikew@qsoftware.com

Who is the Quest Community? A 55,000+ member user community for Oracle Cloud, JD Edwards and PeopleSoft customers. What the Quest JD Edwards Community offers: • Customized digital content • Official JD Edwards newsletter • Customer success stories • Virtual and face-to-face events • JD Edwards networking groups • Visit www.QuestDirect.org for more information! #JDEINFOCUS