Dynamo Operational Policies
Dynamo, an Enterprise Resource Planning (ERP) product of Excellware, Inc. employs best practices to help our customer achieve compliance with third parties such as Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), and Healthcare Quality Association on Accreditation (HQAA).
Integration
All Dynamo transactions are fully integrated with the general ledger, ensuring that all business transactions are properly recorded and reflected in all reports including financial statements. These transactions include:
- Accounts Payable
- Receipt of invoices from vendors
- Payments to vendors
- Accounts Receivable
- Delivery of invoices to customers by US Mail, email, fax, or EDI
- Receipt of payments from customer via check, ACH, or credit card
- Inventory
- Purchase order receipts
- Transfer of inventory to other company locations such as warehouses, distribution centers or stores
- Transfers between related items
- Building and breaking of assortments, kits, and assemblies
- Sale of products or services
- In house use of inventoried products
- Recording of shrinkage
- Payments on Sales Orders
- Recording of customer payments by cash, check, credit card, gift card, or loyalty card
- Recording of funds deposited
- Recording of cash drawer variances
- Banking
- Bank fees
- Interest received
- Unrealized investment income
Data Retention - Transactions
Dynamo retains almost all data indefinitely so that the following transactions can be viewed at any time.
- Sales Orders and Invoices including product serial numbers
- Sales Orders are voided and not deleted
- Purchase Orders
- Purchase Order Receipts
- Cash Receipts and application to invoices
- Inventory transactions
Data Retention - Reports
Dynamo retains data indefinitely and most reports can be printed as of any current or prior date, including:
- Sales Order Invoice Register
- Cash Receipts Journal
Accounts Payable Invoice Data Entry Register
Accounts Payable Check Register (includes all cash disbursements)
Accounts Payment Manual Payment Register (includes payments, bank transfers, voided payments, and payment that credit a customer's account)
Inventory Evaluation
Accounts Receivable Trial Balance
Accounts Receivable Aging Reports
Accounts Payable Trial Balance
General Ledger Trial Balance
General Ledger Transactions
Financial Statements
Sales Analysis Reporting
Timestamps
Dynamo records time stamps indicating date, time, user ID, and description of various activities for:
- Sales Orders
- Purchase Orders
- Transfer Orders
Credit Card Processing
Dynamo is fully integrated with several credit card processing systems providing both card-present and card-not present transactions. Dynamo is not exposed to, nor saves any credit card information other than the cardholder's name, card type, the last four digits of card number, and transactional reference numbers that are required to appear on customer receipts. Dynamo employs techniques to enable customers to achieve Payment Card Industry (PCI) compliance using the simplest Security Assessment Questionnaire.
Data Integrity
Dynamo validates at the end of each day and reports by email any variance between the general ledger account values and supporting detail transactions for:
- Inventory Value
- Accounts Receivable
- Accounts Payable
- Payments on Sales Orders
Security
- Dynamo logs all login attempts
- Dynamo employs techniques to minimize the effect of denial-of-service attacks
- Dynamo limits access to authorized applications by employee, contractor, and customer using roles
- Dynamo tracks application access
- Access to server via ssh is restricted by source IP address
- Only TCP ports required are opened
- All web activity uses Secure Socket Layer (SSL) encryption
- Access to the cloud dashboard requires Multiple Factor Authentication (MFA)
- Periodic testing is done to verify security requirements are effective
- User password assignment and changes require verification of user via email
- All program execution errors are logged and emailed immediately to Excellware support
- Dynamo automatically logs out inactive sessions
Other Controls and Safeguards
- All data including program code is backed up daily. Daily backups are retained for one month. Monthly backups are retained for one year.
- Server instances can be replaced instantly using the latest backup in case of processor failure.
- Bank Reconciliation is used monthly to verify that statements provided by all bank and investment accounts balance with Dynamo
- All data is fully exportable for compliance audits
- Manual posting to controlled accounts is restricted
- Posting to closed accounting periods is prevented
- Servers are updated regularly to insure all linux security patches are in place and known vulnerabilities have been addressed