Riskified Conquers Compliance on NetSuite

Geared for growth but in need of stronger compliance programs

When it came to its audit trails, the Riskified team was manually tracking every NetSuite change in their ticketing system. This process was inefficient, time consuming and could not keep up with Riskified‘s rapid growth. The team needed to automate the process in a way that better used its resources and strengthened compliance. The system not only had to record the requests and any modifications in detail, but needed to help the NetSuite team organize any relevant information for auditors on short notice.

Using Salto for visibility and documentation

After a short evaluation, the Riskified team selected SaIto and launched a project. The two teams worked together to rethink Riskified‘s compliance needs, understand its data, and set about automating it.

Together, the two teams:

• Connected a new Salto workplace to Riskified‘s NetSuite production environment
• Created a GitHub repository for versioning and connected it to the workspace
• Devised a process to allow Riskified employees to access Salto capabilities while continuing to work in their existing NetSuite environment

With the solution up and running, the team was able to:

• Fetch their NetSuite configuration into the SaIto workspace
• Review the changes
• Identify and classify the changes to the relevant business requests
• Connect those requests to their respective Jira tickets
• Gather them into a single Git commit
• Push that commit to their GitHub repository for versioning control

Under this new schema, users could add the relevant Jira ticket number and the Git commit, and have the ticket automatically linked thanks to the Jira-Github integration.
‍

Riskified's team could view the Git history from three levels: on a file level, on a system level, and on a business request level. Team members could visit a file and see the history of changes—who touched what and when, and what changed as a result - as well as every change made throughout their history of use, across all configurations. Team members could also go into specific tickets on Jira and see the history of changes made across Jira and GitHub that were related to that business request.In the end, someone auditing the NetSuite System Notes could see a change, ask why it happened, and the team could simply search that element in Jira and find out why.

Increased visibility through a streamlined pre-audit process

With automated documentation and business request trails, the Riskified team was able to review and keep close track of changes made to NetSuite. For the first time, they could understand the context of each change and automatically tie those changes back to the relevant business requests as detailed in their respective Jira tickets. Now that they had documented versions of files from exact dates, they could also perform revert and debug operations. They could also proceed with their designs for growth.

Because of Salto, Riskified:

• Saved a significant amount of operations time and resources
• Strengthened their compliance system
• Collaborated better internally, creating an orderly and more transparent environment

Most importantly: Shortly after their initial deployment, Riskified leveraged the SaIto solution to successfully complete the pre-audit process.

‍

"With Salto, we were able to ease our compliance concerns and make changes to the NetSuite system with confidence, knowing that we had a complete audit trail for every change request. We were extremely satisfied with the new level of transparency, order and overall control the Salto solution brought to our processes." - Idan Harari, NetSuite Team Leader

‍