Compliance with Workday

Start adding items to your reading lists:
Save this item to:
This item has been saved to your reading list.

Maximize your Workday journey while minimizing your risk profile

Workday cloud-based solutions enable companies to operate with the flexibility and speed they need. However, as with any transformational change, new technology can introduce new risks. Whether a company is just considering a Workday implementation, or is already operational and looking for continuous improvement, an evaluation of internal controls will enable their management team to promote an effective, efficient, compliant and controlled execution of business processes.

Workday features for security and controls

  • Business process framework: The embedded business process framework allows companies to configure unique business requirements through configurable process steps, including integrated controls. 
  • Condition and validation rules: A unique feature within the business process framework is the use of either Workday-delivered or custom condition and validation rules. 
  • Configurable security: Security can be designed and configured appropriately using a least-privileged access model that can be sustained to enable segregation of duties and prevent unauthorized transactions from occurring. 
  • Audit trails: Workday provides a complete data audit trail by capturing changes made to system data. 
  • Reporting and analytics: Workday reporting and analytics functionality helps enable finance and human resources teams manage and monitor their internal control environment. 
  • Sustainability of security and controls: Workday customers can plan for and react to Workday updates to mitigate risk of obsolete, new and unchanged controls and functional processes. 
  • Data privacy: Based on the industry and jurisdictions in which they operate, companies may have to meet stringent requirements regarding the processing of sensitive information. Workday encrypts every attribute value in the application in-transit, before it is stored in the database.

How we can help

PwC has a dedicated team of Workday-certified professionals focused on security, risk and controls. In addition, some of our leaders sit on Workday’s Auditor Advisory Council (AAC) to provide feedback and counsel on the application’s controls functionality, roadmap and audit training requirements.

PwC specializes in providing services around security and controls and completed over fifty-five security diagnostic assessments and controls integration projects. We have developed a variety of tools and accelerators, based on Workday security and controls experience, that help optimize what you do every day.


Contact us

James Draper

Principal, Risk and Regulatory, PwC US

Gurmeet Sawhney

Managing Director, Risk and Regulatory, PwC US

Follow us