Brook Preloader

Security Audit Services Offering

At Kognitiv, we understand that a strong security model is imperative for having a clean, operational system. We also understand that Workday security is not a setit-and-forget-it module; with constant new functional areas, functionality, and multiplying domains, a continued way to see the status of your security is important. We offer a complete review of security and authentication across all functional areas of your system (HCM, FIN, Student) paired with consultant advisory and recommendations as well as executive level deliverables and custom reporting for increased security visibility and continued maintenance


The Key, High-Level areas we audit:

Authentication Setup and Weaknesses
Domain and Business Process Security Policies
Organizations and Role Assignments
General User Access to Tasks and Data
User Access Exceptions
Business Process Configuration and Historical Performance
Custom Report Catalog (including report sharing and exceptions)
Integration Security and Account Configuration
Background and Scheduled Future Processes

While we have encountered almost every issue imaginable, some examples of issues commonly identified:

Security configuration with systemic issues causing process routing issues (unassigned tasks) and unwanted data exposure
Non-public items (reports, manager tasks) available publicly or to non-managers
No authentication enforcement for specific populations (back-end loopholes for Single Sign On or multi-factor authentication)
Non-essential Workday accounts available for login (potential for breach)
Scheduled Processes with errors preventing completion

Some final, specific details of the audit package:

The package consists of over 20 custom reports that monitor and identify specific issues and non-best practice configuration
The audit is completed by a Workday Security Architect who performs the initial audit, reviews the findings, and recommends/helps prioritize solutions to issues found
All reports are built into a dashboard that can be reused in the future for ongoing monitoring and periodic audits

Download the One Pager