PowerObjects Blog 

for Microsoft Business Applications

Improve Your Internal Controls with D365 Finance and Operations

Post Author: Joe D365 |

Many businesses currently lack systems or resources to properly enforce company policies and internal controls. Dynamics 365 for Finance and Operations (D365F&O) can help!

Here are several ways D365F&O can strengthen your company’s internal controls, all while saving time and money.


Every transaction in D365F&O can be tracked in the system to identify who posted the transaction, when the transaction was posted (date and time stamp), and from which document source the transaction was posted.

Users have the ability to navigate all the way back to the source document from the Trial Balance or the Audit Trail report in order to gain further visibility. Users can also navigate from the GL Voucher Transactions report, or from any transaction that has a voucher.  For example, a sales or vendor invoice journal both have an option to view the ‘voucher’ and then drill back to transactions.


Through role-based security, companies can set up and assign security roles to their employees. There are many default roles that can be assigned to users, such as AP Clerk, Inventory Accountant, and Accounting Manager. Based on the role assigned, users will only have access to view, edit, or post in specified areas of the system. As all companies are different, these security roles can be easily customized to fit your company’s needs.

Users also can create Segregation of Duty rules that identify risks and violations of policies. For example, you may not want to have the same employee that deposits customer payments perform your bank reconciliation. Using the Segregation of Duty functionality, the system can verify that these policies are adhered to in your security settings and identify any conflicts. Conflicts can be resolved by modifying user security to ensure compliance.

Audit Workbench

The Audit Workbench is a very useful tool to help implement an internal auditing program.

Users can create custom audit policies to identify and select source documents to review. Currently, you can create your own criteria to flag purchase orders, vendor invoices, and expense reports. With minimal set-up, users can run system scans by creating automatic recurring batches.

If there is a violation of the audit policy, an audit case is generated for further review or action. Alerts can be generated to notify both the audit team and management of policy violations.

Here are a few examples of how the Audit Workbench can be used:

  • Randomly select 5% of purchase orders for review by your internal audit team
  • Review posted vendor invoices with the exact same dollar amount to rule out duplicate postings
  • Search expense reports for any line items containing certain text that may indicate policy violations, such as “beer” or “gift”

Approval Workflows

Many companies are stuck using manual approvals, relying on their accounting staff to review and enforce company policies. Now with D365F&O, approval processes can be run systematically by configuring a workflow. The system will not allow transactions that have not been completed in the workflow to post; ensuring that all proper authorizations have been gathered. This set-up can be simple or complex (multiple approval stages) based on your company’s needs.

The history of a workflow is saved and can be accessed to review who has approved a transaction with a date and time stamp, much like the audit workbench.

Some examples of an approval workflow in D365F&O:

  • Prevent staff accountants from posting directly to the general ledger, requiring a manager to review and approve journal entries
  • CFO approval of purchase orders over a certain dollar amount
  • Department approval of vendor invoices

Email Alerts

D365F&O allows users to create and send custom email alerts based on certain events in the system.

Here are some examples of alerts:

  • Change based – Get notified of a change in a vendor’s address or change to a customer’s credit limit
  • Create – Get alerted of a new fixed asset or customer that has been entered
  • Due date – Notify your shipping department if a customer’s requested ship date has passed

As you can see, through traceability, security, audit workbench, approval workflows, and email alerts, D365F&O can strengthen a company’s internal controls. These areas can all be modified to fit your company’s current and future needs.

Be sure to keep checking our blog for more! And as always, happy Dynamics 365’ing!

By Joe D365
Joe D365 is a Microsoft Dynamics 365 superhero who runs on pure Dynamics adrenaline. As the face of PowerObjects, Joe D365’s mission is to reveal innovative ways to use Dynamics 365 and bring the application to more businesses and organizations around the world.

PowerObjects Recommends