A while ago, our partner XS Control (Asia) posted an article on their website about preventative versus detective controls. It provides an interesting view on how you can manage the impact of risks in your organizations. Here we want to pick up the conclusions from that article and analyze how this works for the authorizations … Continued
– by Jos de Waal – Authorization management and segregation of duties When managing SAP authorizations in the production environment it is quite a challenge to ensure that the environment remains free of Segregation of Duties (SoD) conflicts.Of course, GRC software packages offer tools to do this in a controlled manner. Notably for assigning additional … Continued
2ARC in the Netherlands, together with MARC Solutions in Bangalore-India and XS Control in Singapore are working together as experts in the audit and compliance area, specialized on SAP. Our core common objective is to make the MARC4GRC suite available to SAP partners and customers. MARC is an easy-to-deploy, modular software application that helps SAP partners and customers in … Continued
The RET, a big public transport organization in one of the main cities in The Netherlands, selected MARC4GRC for their internal control and risk management for SAP. This selection was the result of a public tender process in which several GRC software providers participated. MARC4GRC won the bid on its mature functionality at a competitive … Continued
We happily announce that our MARC GRC software is now certified for integration with SAP S/4 HANA!MARC stands for Management of Access Risk and Control and is becoming an increasingly attractive solution for managing SAP access and Segregation of Duties (SOD) controls. It is web based, runs in cloud or on-premise, and can be integrated … Continued
SailPoint is a well-known and frequently deployed solution for user identity management and access provisioning across your IT applications landscape. What is missing for many identity management solutions (IDM) and Identity Access Management (IAM), is a pro-active SoD (Segregation of Duties) check upon provisioning. This is important especially for access provisioning to your SAP ECC … Continued
Among other things tells this newsletter more over the basics of segregation of duties and how you can approach an upcoming segregation of duties audit. Read more here.
The MARC GRC suite offers supplementary functionality to lock SAP user-ID’s automatically based on certain parameters. This allows you to setup a consistent framework for the management of inactive users in SAP and automate the process in accordance with your company’s policy. With one job you can administer inactive users on all connected systems. It … Continued
Periodical analysis of segregation of duties compliance of a SAP ECC or S/4 HANA system is a necessary, tedious task. ‘Necessary’ because you can’t do without it, at least if you want to be in control. ‘Tedious’ because it requires time and effort, which – generally speaking – can take even more than deemed necessary … Continued
Everyone wants reliable information. We cater for this by tight access security to an information system: restrict access to critical functionality and avoid access violating Segregation of Duties rules. And next we ensure that, after acceptance of the information system by the user organization, no configuration changes can be made directly in the productive system. … Continued
Check one of the following pages: