Brook Preloader

Security Audit Services Offering

At Kognitiv, we understand that having a robust security configuration is imperative for having a clean, operational system. We also understand that Workday Security is not static; with ever-changing functional requirements, employee turnover and movement, and reorganizations, it is important to have a systematic method of monitoring the health and status of your configuration. We offer a complete review of security and security-related configurations across all functional areas (HCM, FIN, and Student), paired with consultant advisory and recommendations using custom reporting. Also, these reports remain available to you post-review for ongoing use, enabling easier access to key information for maintaining your configuration’s integrity.


The Key, High-Level areas we audit:

Domain and Business Process Security Policies
Organizations and Role Assignments
General User Access to Tasks and Data
User Access Exceptions
Business Process Configuration and Historical Performance
Custom Report Catalog (including report sharing and exceptions)
Integration Security and Account Configuration
Background and Scheduled Future Processes
Security Group Permissions, Assignments and Usages
User Accounts Review and Cleanup

While we have encountered almost every issue imaginable, some examples of issues commonly identified:

Security configuration with systemic issues causing process routing issues (unassigned tasks) and unwanted data exposure
Non-public items (reports, manager tasks) available publicly or to non-managers
Non-essential Workday accounts available for login (potential for breach)
Scheduled Processes with errors preventing completion

Some final, specific details of the audit package:

The package consists of over 30 custom reports that monitor and identify specific issues and non-best practice configuration
The audit is completed by a Workday Consultant who performs the initial review and provides an overview of the reports and recommendations based on their findings
All reports are listed in a reports inventory that can be reused in the future for ongoing monitoring and periodic audits

Download the One Pager