Presentation is loading. Please wait.

Presentation is loading. Please wait.

SAP Access Violation Management by Greenlight

Published byMargaretMargaret Jenkins Modified over 6 years ago

Similar presentations

Presentation on theme: "SAP Access Violation Management by Greenlight"— Presentation transcript:

1 SAP Access Violation Management by Greenlight
Speaker’s Name/Department (delete if not needed) Month 00, 2016 Hello, my name is _________________________ and I want to introduce you to SAP’s solution for assessing the financial exposure business processes and transactions have on the business. During this presentation, I’ll demonstrate how exception-based access violation management, along with centralized and standardized processes can help you automate violation identification and review, streamline your access-risk processes and reduce your governance costs.

2 Agenda Current Access Violation Situation Customer Challenges
Introducing SAP Access Violation Management by Greenlight Customer Value Appendix Today we’ll talk about: The current access violation situation Some of the challenges faced by our customers SAP’s Access Violation Management solution A customer example

3 Current access violation situation
Access governance processes continue to be manually intensive and operate in silos across the enterprise Lack of visibility into the financial exposure resulting from access risk violations Managing the access that business users have to enterprise applications is a balancing act. Granting too much leaves organizations exposed to higher risk, but granting too little prevents people from doing their jobs and slows business momentum. Across enterprise applications, many teams still operate in silos as opposed to centralizing access governance activities. Organizations need insight into the financial impacts of access risk to make better, more proactive decisions about access control.

4 Customer challenges Enable centralized and standardized processes across business applications and IT systems Automate identification and review of actual access violations Summarize the financial impact of actual violations Today, organizations are going beyond traditional methods of manual business controls and ad-hoc analyses by using integrated technology to automate risk identification and its impacts on the business. Exception-based monitoring controls and centralized functionality for tracking resolution of those exceptions reduce manual control efforts and eliminate false positives. By enabling enterprise-wide access governance and articulating the bottom-line impacts of access risk on your organization, you can drive business changes when traditional manual controls are insufficient to mitigate the actual financial exposure of access risks. Customers are looking for a solution that will: Enable centralized and standardized processes across business applications and IT systems Automate identification and review of actual access violations Summarize the financial impact of actual violations

5 Introducing SAP Access Violation Management
Summarizes the financial dollar value of access violations Alerts business owners only when exceptions occur Contains a comprehensive library of automated SoD controls Provides an intuitive interface designed for business users Extends the functionality of SAP Access Control The SAP® Access Violation Management application by Greenlight enables you to assess the financial exposure business processes and transactions have on the organization. With exception-based access violation monitoring and centralized and standardized processes, you can automate violation identification and review, streamline access-risk processes, and cut governance costs.

6 SAP Access Violation Management Assess the financial exposure of access risk on the business
Capabilities Details and summarizes the dollar value of access violations for a true picture of your exposure to access risk Enables a risk management strategy that suits your organization Forecasts risk impacts through intuitive dashboards Uncovers violator trends and at-risk applications or business processes A certain level of access risk is unavoidable – to eradicate it all would limit business productivity. But in many cases, the controls that companies put into place to mitigate risk are manually driven and time consuming. With the SAP® Access Violation Management application by Greenlight, you can see the financial impact of access risk for business processes and transactions and enable a risk management strategy that suits your organization. SAP Access Violation Management lets you detail and summarize the dollar value of access violations for a true picture of your exposure to access risk. The application summarizes the financial value of actual access violations, instead of relying on incomplete data from sample testing, and clearly articulates the risk that user access has on the organization. Intuitive management dashboards and historical reports help business users prioritize and remediate violations. Powerful analytics can forecast risk impacts based on historical data and uncover violator trends and at-risk processes.

7 SAP Access Violation Management Summarizes the bottom line impact of access risk
Capabilities Automates the monitoring and correlation of business transactions Identifies where SoD violations occurred Summarizes the financial dollar value by business process, risk or user Articulates the financial exposure that access risk has on the business With SAP Access Violation Management, you can clearly articulate the financial exposure that unresolved access risks have on the business. The application automates the monitoring and correlation of business transactions to identify instances where actual segregation of duties violations occurred, and summarizes the financial dollar value by business process, risk, or user. The application includes a comprehensive library of configurable, automated controls, based on best practice experience, that facilitate rapid deployment. Historical reports and management dashboards enable prioritization of remediation efforts and enable business users to take action. By associating a dollar value with unresolved access risk violations, you can drive organizational change to further minimize the risks of internal fraud and loss of revenue due to employee error.

8 SAP Access Violation Management Enable exception based access violation monitoring
Capabilities Notifies business users only when exceptions occur Provides more comprehensive coverage than the incomplete approach of sample testing Tracks investigation and resolution of each incident until resolved Reduces manual control efforts and false positives In most organizations, a certain level of SoD violations must be accepted for the business to function efficiently, and mitigating controls are implemented to address the remaining risk. Those controls, however, are typically manual in nature and locating actual exceptions is like searching for a needle in a haystack. SAP Access Violation Management enables exception-based monitoring of transactions to identify actual violations, notifying business owners only when exceptions occur. For example, a business user may need to maintain and issue payments to vendors. A mitigating control can be put in place to review a sample of vendors that have been created or changed compared to payments issued, to reduce the risk of internal fraud or employee error. With SAP Access Violation Management, you can automate the monitoring and correlation of transactions to identify instances where one business user maintained and paid the same vendor. This provides more comprehensive coverage than the incomplete approach of sample testing. Once exceptions are identified, the solution tracks investigation and resolution of each incident until issues are resolved in a graphical, intuitive user interface designed for business users. By doing so, the application reduces manual control efforts and false positives.

9 SAP Access Violation Management Reduce enterprise-wide access governance costs
Capabilities Eliminates administrative silos and provides complete picture of business user access across the organization Delivers superuser access management to on-premise, hosted and cloud-based enterprise applications Centralizes governance activities across all enterprise applications SAP Access Violation Management enables you to apply consistent and comprehensive access governance across enterprise applications. The application extends the capabilities of the SAP Access Control application across business applications and IT systems, eliminating administrative silos and enabling a more complete picture of business user access across the organization. SAP Access Violation Management enables real-time risk analysis and provisioning, user access reviews, role management and superuser access management to on-premise, hosted, and cloud-based enterprise applications. The application includes a library of pre-built integration functionality for a variety of SAP and non-SAP applications for quick installation. Working together, SAP Access Control and SAP Access Violation Management enable a centralized approach to real-time risk analysis and centralized user and role administration.

10 Choose an edition to target specific needs
The risk assessment edition of SAP Access Violation Management provides exception-based monitoring of actual SoD violations and analyzes the financial impact of risk across the enterprise. The system integration edition of SAP Access Violation Management provides the functionality of the SAP Access Control application to additional SAP and third-party business applications. Organizations that don’t need all of the power of SAP Access Violation Management can choose an application edition that provides a subset of the overall functionality. The risk assessment edition of SAP Access Violation Management provides exception-based monitoring of actual SoD violations and analyzes the financial impact of risk across the enterprise. Choose the risk assessment edition when you want to automate mitigating controls, identify actual SoD violations across your SAP and third-party business applications, cut governance costs, and gain a clear understanding of the cost of access violations and its impact on the organization. The system integration edition of SAP Access Violation Management provides the functionality of the SAP Access Control application to additional SAP and third-party business applications. Choose the system integration edition when you want real-time risk analysis and provisioning, user access reviews, role management, and super user access management for your on premise, hosted, and cloud-based enterprise applications.

11 Customer Value Gain a clear understanding of cost of access violations and impact on the organization Reduce manual control efforts and eliminate false positives Centrally track investigation and resolution of access violations Give business users ownership of remediation activities With SAP Access Violation Management you can see the financial exposure of unresolved access risk to enable an effective risk management strategy and drive business process change. The application automates identification and review of actual access violations, summarizes the financial dollar value of actual access violations, and enables centralized access governance across enterprise applications. SAP Access Violation Management provides you with a more complete picture of exposure and costs and clearly articulates how unresolved access risks affect your bottom line. When implemented with SAP Access Control, a comprehensive set of detective and preventative automated controls enable you to streamline access governance activities and reduce enterprise-wide access governance costs. Understand how unresolved access risk affects your bottom line. .

12 Simplifying SOD Management with SAP® Access Control and SAP Access Violation Management
Company Sharp Electronics Corporation United States Headquarters Mahwah, New Jersey Industry High tech Products and Services Home electronics, appliances, mobile devices, and business solutions Web Site Top objectives Leverage technology to streamline access governance processes across enterprise applications Contextualize the segregation of duty (SOD) risk in terms of financial exposure to the business Resolution Deployed the SAP® Access Control application as the company’s centralized access governance solution Deployed the SAP Access Violation Management application by Greenlight to automate SOD controls and to provide insight into financial exposure due to SOD violations Established this centralized solution as the basis for security as a shared service and as a platform for further expansion Key benefits Automation that reduced manual efforts for managing access governance and SOD procedures across the enterprise Reduction in external audit costs Reduction in the IT security team – from five employees to one 80% Reduction in IT personnel time required to manage access governance and SOD controls 300 hours Reduction in time spent per month on SOD control monitoring 33% Increase in the number of systems managed by SAP Access Control “The synergy between system solutions and procedure and technology and humanity empowers and frees companies to focus on core business functions. Leveraging innovative solutions like SAP Access Control and SAP Access Violation Management allows Sharp to do more and maximize resources.” Wyatt MacManus, Associate Director, Information Security, Sharp Electronics Corporation

13 Thank you Contact information: F name MI. L name Title Address Phone number

14 Appendix

15 SAP Access Violation Management Manager user access based on business impact
SAP Access Control Access Risk Analysis, User Access Management, Emergency Access Management, Business Role Management Real-Time Cross Enterprise Control Discovery, Aggregation, Correlation and Normalization Accelerated Mitigation Automated Mitigating Controls, Exception-based notifications User, Role and Risk Modeling Reporting Simulation Embedded GRC Rules & Analytics Workflow Financial Exposure of Access Risk Bottom-line Dollar Value Cloud & SaaS Business Applications Core SAP Legacy/Custom Solutions Other SAP & ERPs

16 SAP Access Violation Management Manage user access based on business impact
SAP Access Control Preventative Reviewing user access rights and monitoring application security tables Visibility into users and roles with the capability to perform high risk transactions + = Leveraging SoD rule sets SoD Rules SAP Access Violation Management Detective Mitigation Rules Visibility into actual usage and violations executed against high risk transactions in conflict with policy Reviewing transaction meta data and monitoring usage in transaction tables + = Leveraging analytics rule sets

Download ppt "SAP Access Violation Management by Greenlight"

Similar presentations

Manage your technology for optimal return on investment (ROI) The Tivoli ® Configuration & Operations management solution from IBM.

Manage your technology for optimal return on investment (ROI) The Tivoli ® Configuration & Operations management solution from IBM.
Leveraging an Integrated ERP and CRM System - Featuring Sage MAS 500 ERP and Sage SalesLogix CRM.

Leveraging an Integrated ERP and CRM System - Featuring Sage MAS 500 ERP and Sage SalesLogix CRM.
John Whittle Sales Specialist Case Study: Manage Transactions Across the Enterprise Featuring BMC Middleware Management.

John Whittle Sales Specialist Case Study: Manage Transactions Across the Enterprise Featuring BMC Middleware Management.
1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.

1 ILANTUS Proprietary Jaunary 20, 2014 Enabling complete AGS features on ISIM Compliance Express – ISIM Integration.
HP Quality Center Overview.

HP Quality Center Overview.
Fahri BaturOctober 2013 SAP GRC AC ARA Access Risk Analysis Requirements Gathering Workshop.

Fahri BaturOctober 2013 SAP GRC AC ARA Access Risk Analysis Requirements Gathering Workshop.
Transforming Your Operations Presented By: Mark Johnston, Product Adoption Manager The Role of Data Governance August 13, 2014.

Transforming Your Operations Presented By: Mark Johnston, Product Adoption Manager The Role of Data Governance August 13, 2014.
SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.

SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
ACL Solutions for Continuous Auditing and Monitoring John Verver CA, CISA, CMC Vice President, Professional Services & Product Strategy ACL Services Ltd.

ACL Solutions for Continuous Auditing and Monitoring John Verver CA, CISA, CMC Vice President, Professional Services & Product Strategy ACL Services Ltd.
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.

Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
Governance, Risk, and Compliance Bill Greene Senior Industry Director.

Governance, Risk, and Compliance Bill Greene Senior Industry Director.
Www.skyboxsecurity.com Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.

Skybox® Security Solutions for Symantec CCS Comprehensive IT Governance Risk and Access Compliance Management Skybox Security's.
ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:
Purpose: These slides are for use with customers by the Microsoft Dynamics NAV sales force and partners. How to use: Add these slides to the core customer.

Purpose: These slides are for use with customers by the Microsoft Dynamics NAV sales force and partners. How to use: Add these slides to the core customer.
ERP For Payments Presented by: Greg Midtbo Oracle Corporation Industry Vice President Financial Services.

ERP For Payments Presented by: Greg Midtbo Oracle Corporation Industry Vice President Financial Services.
Knowing What You Missed Forensic Techniques for Investigating Network Traffic.

Knowing What You Missed Forensic Techniques for Investigating Network Traffic.
Project Portfolio Management Business Priorities Presentation.

Project Portfolio Management Business Priorities Presentation.
Www.infotech.com Impact Research 1 Enabling Decision Making Through Business Intelligence: Preview of Report.

Impact Research 1 Enabling Decision Making Through Business Intelligence: Preview of Report.
GRC: Aligning Policy, Risk and Compliance

GRC: Aligning Policy, Risk and Compliance

Similar presentations

Ads by Google