- By Jon Wainwright, Sales Director, Ascertus Limited
Finance, tax and accounts departments typically generate and handle copious volumes of paperwork – ranging from budgetary statements and financial reviews, cashflow and invoicing through to policy and procedural documents such as credit control and the list goes on.
These documents often contain some of the most sensitive and confidential information of the organisation. Most departments in large organisations deploy enterprise resource planning and a range of finance software such as for expenses, budgeting, reporting, invoice creation, fixed asset management and more. The issue is that these systems are designed to manage data, not documents or emails.
In the current business environment, there are many imperatives for finance departments to deploy a best-of-breed document management system (DMS):
Today there are all kinds of threat actors – state-sponsored Advanced Persistent Threat groups, organised criminal gangs and cyber criminals – for whom corporate data is gold. With a DMS, finance departments can institute a variety of measures to protect corporate information. The finance department can establish ‘need-to-know’-based global security policies without being intrusive so that team members work in the way they want to work.
They can also adopt pessimistic security –a restrictive model that automatically locks down access to data in the event of unusual activity by a user. For example, a user trying to see a file without the right password and security clearance.
Furthermore, the data in the system can be segmented, so that in the event of a breach, the exposure to information is limited to only the person’s whose credentials have been compromised. This is especially valuable given the phishing and whaling attacks that have become so common place. They are all email scams and while email security systems are the first line of defence, protecting the organisation’s ‘crown jewels’ is a much more robust approach.
The finance department can set up stringently ‘controlled locations’ in the DMS for sensitive information, protected with features such as multi-factor authentication, and encryption at rest and in motion. Should a cybercriminal go past all the perimeter security to gain access to the organisation’s network, access to data will be restricted to authorised users only in this secure environment.
With the copious amounts of spreadsheet files that finance departments generate and work on, sharing and collaborating on those documents is much quicker. For example, team members can share files as secure links directly from Outlook. There is also an audit trail of who made the changes, who approved the change and so on. Additionally, the DMS can capture all email dialogue around instances of collaboration in the DMS. This is valuable, as at a later date, it is possible for team members to have visibility of the context within which changes may have been made to business-critical documents like budget, cashflow and financial reviews.
A DMS offers finance departments advanced search functionality. A team member could even search for a specific financial figure, across the documents, emails and even images residing in the DMS. This is because for every document/record in the DMS, the content is fully indexed and is therefore searchable plus corresponding metadata is automatically stored, and the document accordingly tagged. Searching for values in a complex spreadsheet or document can be a matter of seconds, making it easy to find the needle in the haystack.
Often, finance managers are on the move, and use mobile devices (e.g. smartphones, iPhones, iPads, tablets) to work remotely or out of the office. They can have anytime, anywhere access to documents of course, but crucially a consistent user experience, regardless of whether the individual is on the phone, desktop or tablet. Additionally, a DMS switches seamlessly between ‘in office’ and ‘on the road’ usage, which can be a great efficiency booster for finance teams.
With finance teams needing to constantly meet deadlines – VAT submission, budgets, financial reporting and such, in addition to a plethora of GRC commitments – automated task management functionality can be valuable. It allows finance teams to adopt a project management-led approach to meeting the various internal, external and regulatory demands. Teams can set up automated alerts to notify relevant individuals of when critical tasks need to be undertaken and even build in escalation processes if actions aren’t accomplished within the approved timeframes.
This regulation is a key reason why finance departments should be considering a DMS.Finance managers need ‘data governance’ capability to manage data stored in unstructured documents and emails to comply with the regulation. For example, to deliver against the ‘right to erasure’ and ‘right for data portability’, departments need the ability to know where personal data is stored and track it to meet these requirements quickly and easily.
Similarly, due to the ever-growing security threat, over-retention of data poses a substantial risk to businesses. Organisations mustn’t hold on to data that they don’t need to keep! A DMS enables finance mangers to apply information retention policies. They can also automate and track the end-to-end process of data that is stored, right from creation through to disposition, supported by full auditability. It’s worth noting that finance departments can apply this approach for governing both physical and electronic records.
Cloud a good option
Today, adoption of a DMS via the cloud presents the best option for finance departments. It can be implemented without any significant support from IT, who in most organisations are already burdened with managing the wider technology infrastructure. A DMS in the cloud is highly affordable; there are no headaches of technology upgrade and maintenance as they are taken care of by the solution provider; and the department always has access to the latest functionality, 365 days a year. Most crucially, security is assured as DMSs comply with audit, data privacy and security standards such as ISO 27001 and HIPAA.
About the author
Jon Wainwright is Sales Director at Ascertus Limited. Prior to Ascertus, he was Sales Director with responsibility for driving sales and growing the business at Solicitec, a case management solution provider to professional services organisations. His experience in the document and case management sector spans more than 22 years. During this time, he has helped many legal and accounting firms as well as large corporate and government departments implement strategic end to end document life cycle management and automation solutions. At Ascertus, he has worked with the likes of the BBC, Virgin Media, DNB, Danske, TOTAL, Schroders, ASDA, Sony and many more highly respected FTSE 100 companies.