How a Healthcare Organization Effectively Implemented Workday Controls in Supply Chain Management

The role of supply chain management for healthcare is in a continuous, evolutionary cycle to support rapidly changing patient care models and an ever-changing business environment. Healthcare providers are increasingly adopting Workday Supply Chain Management (SCM) as a key component of their Workday suites to help reduce costs and enable healthcare organizations to provide care to their customers. As a supplement to Workday Financial Management, Workday SCM provides a solution for integrating supply chain operations with financial management and analytics across the organization to support stronger utilization and decision-making. For many healthcare organizations, the cost of supplies makes up almost one-third of the total operating budget. Due to the financial implications of supply chain operations, it is important to consider the controls placed on supply chain processes to effectively manage cost, working capital, and sustaining operations. This blog explores how Protiviti assisted our client with assessing and recommending supply chain configurable controls during their Workday implementation.

Client and Project Background 

Our client is a healthcare system with hospitals located across the U.S. midwest.The organization was undergoing a Workday Human Capital Management (HCM), Financials and Supply Chain Management (SCM) implementation to transform and streamline the business. The decision to simultaneously implement all three Workday modules (HCM, Financials and SCM) would enable a strong foundation to provide patient care. For example, an integrated Financials and SCM system would provide the client with seamless purchasing, replenishment, financial planning and analytics to provide visibility, enhanced decision making, cost control, and ultimately better service to patients.The client requested Protiviti’s assistance during the Workday implementation design phase to evaluate the Workday configurable controls environment for procurement, inventory and accounts payable, with other key Workday functional areas.   

Building a Strong Control Environment for Supply Chain Management 

Using best practice knowledge related to Workday configuration and healthcare industry expertise, Protiviti identified key risks and configurable controls related to supply chain operations. Protiviti worked with client functional area leaders and the third-party system implementer to understand the Workday solution design and the SCM control environment. Our team then validated the design in the client’s Workday implementation (IMPL) tenant to observe how supply chain master data and business processes were configured. The team discovered gaps in supply chain controls not previously considered as part of implementation activities that, if configured, would provide automated, reliable enhancements to SCM processes. Protiviti then provided the client with specific recommendations to enhance the control environment via such configurable controls prior to their advancement to the build and test phases of the Workday implementation. Some examples of Protiviti’s configurable control recommendations include:

Procurement Spend Control 

The ability to effectively manage costs within the supply chain process begins with procurement, where purchases originate and goods are ordered to be added to an organization’s inventory. To mitigate the risk of excessive or unapproved spending, alerts should be configured to notify appropriate purchasing personnel when a purchase amount exceeds amounts specified in the organization’s spend approval matrix. Workday allows a spend approval matrix to be easily translated into an approval workflow with automatic notifications of requests for approval via its purchase order business process. This enables the organization to define the level of review and approval required on every purchase depending on the amount. In the business process workflow below, our client has configured six levels of additional approvals from various groups, based on the purchase order amount. Additionally, each step has routing restrictions to prevent the initiator or purchaser and previous step approvers from approving subsequent steps, providing additional assurance that varied levels of approvals from unique individuals in the organization are built into the procurement process.

Accounts Payable Controls on Invoice Approval and Settlement

Controls on accounts payable mitigate the risk of paying out unauthorized funds in the form of overpayments, duplicate payments or fraudulent payments. As part of SCM setup, Workday allows users to configure automatic Supplier Accounts Match Condition Rules such as a three-way match to ensure that invoices are not settled unless a matching purchase order and receipt have been identified in the system. This ensures that purchases, items received and payment amounts to the suppliers match (within a tolerance) before invoices are approved and settled, which systematically prevents potential rogue invoices from being settled.

Enhancing Controls for Improved Supply Chain Processes 

Over the course of just a few weeks, Protiviti identified select key control enhancing Workday configuration recommendations for the client’s supply chain environment. While the third-party system implementer had provided the client with thorough design guidance throughout the course of the implementation, they agreed that the controls identified by Protiviti would further enhance supply chain processes and better utilize configurable controls offered by the system. Protiviti’s supply chain control recommendations would enable the client to leverage Workday to better streamline and control procurement and inventory activities, produce more accurate and reliable financial data for analytics, and ultimately improve spend management related to supplies.

To learn more about our Workday capabilities, contact us 

Jerine Hu

Senior Consultant
Enterprise Application Solutions

Subscribe to Topics

Protiviti has launched an enhanced ransomware offering to help companies manage the rising threat levels to their business from malicious actors attacking mission-critical operations. Learn more: http://ow.ly/VjtA50FJvNO

#ransomware #cybersecurity #resilience #privacy

Identity at the Center is a #podcast all about #identity security in the context of #identityaccessmanagement. This week, hosts Jim McDonald and Jeff Steadman discuss Modern IGA and #zerotrust with Rod Simmons. Listen now: http://ow.ly/jVYm50FIR9r

Protiviti's Dimitry Snezhkov will walk through the design considerations of a friendly offensive #ransomware implant which emulates logical steps threat actors take to manage #encryption and #decryption capabilities. Don't miss this #BlackHat session! http://ow.ly/8ljT50FDXKG

We’re passionate about technology. Learn how Protiviti can help you solve business problems leveraging technology at http://ow.ly/cHTK50Fz11L.

#ProtivitiTech #CIO #CISO

Load More...