Data Extraction Guide
for Sage 300 People
Step-by-step instructions for your IT team to extract the required CSV files from Sage 300 People via the REST Web API for the V/ergent HR & Payroll security assessment. Includes Release 5 programme packs: 25 AML / Wolfsberg controls + 50 cross-system SoD rules + (SAP-only) 30 SAP-GRC-parity fraud patterns.
Recommended extraction path
Use the V/ergent extractor first. It writes CSVs to a timestamped folder under C:\Vergent\Export, then you upload that folder into the audit project.
Manual path if automated extraction is blocked
Use the required-file list below as the manual checklist. Keep filenames unchanged, leave unavailable files empty with only headers, and record any missing source in the upload notes before running the audit.
Extract-VergentSage300People.ps1 uses the Sage 300 People REST Web API to extract all 18 files automatically. Requires PowerShell 5.1+. No additional modules needed.| Requirement | Details | Where to find it |
|---|---|---|
| Web API enabled | Sage 300 People REST Web API must be installed and running | System Administration → Web API Settings. Contact Sage support if not visible. |
| Audit account | Dedicated read-only user with: System Reports (All), Payroll Query (All), HR Query (All) | System Administration → Users → Permissions |
| Server URL | e.g. https://hrserver.acme.co.za | Your IT team / Sage 300 People server hostname |
| Company code | e.g. ACME | System Administration → Company Setup → Company Code |
| PowerShell 5.1+ | Built into Windows 10/11 and Windows Server 2016+ | Run $PSVersionTable.PSVersion to confirm |
Employee Master Data
All employees (active & terminated): ID, name, department, status, hire date, termination date, job title
Employee Leave Balances
Current leave balances per employee per leave type: entitlement, taken, and remaining days
Leave Transaction Log
All leave applications (last 12 months): type, dates, days, approval status, approved by
System User Accounts
All user accounts: username, status, last login, admin flag, password expiry, department
User Role Assignments
All user↔role mappings: user ID, role code, role name, assigned date and by whom
Inactive User List
Users with no login in 90+ days: ID, username, last login date, status, days inactive
Payroll Run History
All payroll runs (last 12 months): run ID, period, status, processed by, approved by, total gross
Payroll Transactions
Transaction-level payroll data: employee, pay type, amount, entered by, approved by
Employee Bank Account Details
Banking details: bank name, account number (masked), branch code, last changed date and by
Salary / Rate Changes
Salary adjustments: old/new salary, percentage change, reason, approved by, effective date
Payroll Approval History
Payroll approval workflow log: submitted by/date, approved by/date, status, comments
System Access Log
Login events (last 90 days): user, timestamp, IP address, action, success/failure, module
Audit Trail Events
System audit trail (last 90 days): event type, user, table, old/new values, IP address
GL Integration / Export Settings
General ledger integration config: target system, auth method, encryption, schedule, status
API / Integration Credentials
API credential metadata (passwords masked): name, scopes, token expiry, last used, active status
Password Policy Settings
Password rules: minimum length, max age, lockout threshold, complexity, MFA requirement
Tax Code Configuration
SARS tax codes: PAYE, UIF, SDL, ETI — effective dates and last updated for currency checking
Company Configuration
System-level settings: session timeout, MFA requirement, audit trail enabled, GL integration flag
Native coverage: 16 payroll-focused SoD rules (S300P-SOD-001..016).
Plus the three Release 5 programme packs that run alongside this platform's audit:
- AML / Wolfsberg Programme Controls — 25 controls spanning sanctions-list cadence, PEP / KYC review, CTR / SAR filing, structuring detection, transaction-monitoring tuning. Wired into all 7 ERP connectors (skips on cloud-only audits). Guide.
- Cross-System SoD — 50 multi-ERP conflict patterns spanning SAP × Oracle × D365 × NetSuite × Sage × AWS × Azure. Detects fraud paths a single-system review will never see. Guide.
- SAP Fraud Patterns — 30 SAP-GRC-parity patterns (STAD audit-log delete, debugger replace in PROD, Z* shadow SAP_ALL, dormant SAP_ALL, posting-period unlock + GL post, etc.). Guide.
Every finding carries citations across 13 frameworks (COSO 2013, COBIT 2019, NIST CSF 2.0, ISO 27001:2022, CIS v8, SOX ITGC, SOC 2 TSC, PCI DSS v4, HIPAA, DORA, NIS2, GDPR, Kenya DPA) — 11 of 13 at ≥75% mapped coverage. See the Check Packs page for per-pack framework coverage badges.