Reader’s Digest turns over a new leaf in business rules
When a user ran “purge transaction history” just to see what it would do and lost a history of all transactions, the IT department at publisher Reader’s Digest Association (RDA) knew it was in trouble.
|In addition, RDA faced strict guidelines regarding financial transaction approval limits, such as purchase order and general ledger approvals. Like most corporations, RDA must comply with Sarbanes-Oxley, its external auditors’ interpretation of the legislation, and corporate policies regarding segregations of duties and delegation of authority, according to Steven Derivan, associate director in RDA’s commerce technologies department in Pleasantville, N.Y.
“We do not want a report on non-compliance” with corporate governance directives,' Derivan says. “Once that approach [for compliance] is agreed on, you need to lock down and secure the applications that you cannot do with standard functionality.”
RDA tracks its 37 sets of books, 36 operating units in 32 countries, 50 inventory organizations and 1,500 users on Oracle E-business Suite. Says Derivan: “Assignment of Oracle responsibilities, Oracle menus and request groups need to be standardized and in compliance, as well as password standards such as password length and expiration periods.”
Because standard Oracle functionality could not enforce all of RDA’s corporate policies, the company turned to Logical Apps, a provider of rules-based enterprise applications to extend control over Oracle responsibility assignments.
RDA is using Logical Apps’ AppsRules software to synchronize processes between financial and general ledgers, to keep data secure and to control who can change data. By implementing AppsRules, RDA has been able to eliminate conflicting responsibilities and functions within Oracle, Derivan explains.
Shutting the door
“We can now prevent unauthorized application access to users,” Derivan says. “Also, in situations where we must grant an exception, Logical Apps allows us to retain an auditable approval history within the applications and online approvals or responsibility assignments, as opposed to a paper-based approval process.”
RDA reduced development time by 70% using AppsRules over using traditional tools, Derivan says. “We can take junior-level developers and have them perform senior-level developers’ [duties].”
RDA viewed AppsRules as an investment in a necessary tool, so it perceives return on investment from a different perspective. “The ROI is more of a cost-avoidance than a cost-savings approach,” Derivan explains. “With Logical Apps, we can be confident that our user community has the proper access to our Oracle environment based on their role and level within our organization.”
The software has allowed RDA to reduce dependency on outside contractors and outside developers,' Derivan adds. “It’s allowed us to keep more work in-house.”
RDA plans on initiating a global awareness campaign to help business users understand their new capabilities. The organization also hopes to learn through this campaign what it can do with AppsRules to enhance the developer experience. In addition, RDA is training more internal staff on the application.
The most significant challenge in implementing AppsRules was getting users to accept that RDA was going to enforce compliance, Derivan acknowledges. “The change management that this type of software creates is the biggest challenge.”
If RDA were to implement AppsRules all over again, it would allocate more resources and enroll for Logical Apps training, according to Derivan. Although Logical Apps targets the functional user with its software, Derivan advises organizations to get their technical people involved first. “I think it takes…the senior-level technical developer to get the most benefit from Logical Apps,” he explains. “Functional people will be overwhelmed by the tool.”
Lana Gates is a freelance writer based in Mesa, Arizona. She can be reached via e-mail at email@example.com.