ofbiz-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacques Le Roux <jacques.le.r...@les7arts.com>
Subject Re: Backdated Transactions
Date Fri, 23 May 2014 13:33:23 GMT
If ever we create a Jira, it seems to me Paul's comments should be taken in account

Jacques

Le 21/05/2014 16:05, Paul Mandeltort a écrit :
> Always a difficult question - where do you draw the line between systemic controls vs.
training?
>
> At the minimum if we don’t have a security provision, we should have proper auditing
of when a PO receipt is backdated or postdated, so someone can figure out
>
> While I wasn’t around for the initial decisions to make the dates not editable, in
a large organization this could potentially have drastic results for other users in the organization.
>
> The scenario I can imagine (and has happened in my org before) is a purchase order contract
dispute. Since purchase orders are legal contracts (at least in the USA), there is a potential
if a PO is received late, and there is not a proper record of when the PO was received by
the company, that you run into a problem.
>
> My organization, for example, doesn’t use OFbiz’s inbound package tracking functionality
(too complicated and slow).
>
> Yeah, better training and supervision would fix this problem, but the reality is that
most organizations would overlook a little thing like this, especially if the default old
behavior changes between upgrades.
>
> Having it available just at a supervisor level at least mitigates that problem. Or at
least stubbing it so it’s easy to figure out where to add the security control would be
a good start.
>
> --Paul
> ----------
> Paul Mandeltort  |  Marco Specialties Inc
> +1-512-394-8119  |   paul@marcospec.com
>
> On May 21, 2014, at 7:15 AM, Pierre Smits <pierre.smits@gmail.com> wrote:
>
>> Paul,
>>
>> Are you sure you would add complexity to a system to provision for
>> avoidance of laziness? Better is it to improve business processes and
>> procedures to flesh such behaviour out of the organisation.
>>
>> Regards,
>>
>> Pierre Smits
>>
>> *ORRTIZ.COM <http://www.orrtiz.com>*
>> Services & Solutions for Cloud-
>> Based Manufacturing, Professional
>> Services and Retail & Trade
>> http://www.orrtiz.com
>
>

-- 

Mime
View raw message