SoD matrix risk repository and sensitive access
smartSoD - proper segregation of duties
smartSoD is a template access risk repository for segregation of duties risks and sensitive technical access. The library has been developed during security projects delivered for over 12 years for more than 100 customers from various industry and sectors (telecommunication, FMCG, retail, entertainment, production, chemistry, pharma). It works as project accelerator when user access reorganization is required and first project effect are required to be delivered fast It contains a list of over 125 segregation of duties risks and 50 instances of sensitive access.
When is it worth it?
Complete database content - SoD and sensitive transactions
Summary - why is it worth using?
smartSoD delivers segregation of duties matrix repositories and sensitive access in SAP ERP class systems. It helps to accelerate the process of implementing the proper segregation of duties in SAP permissions.
Main functionalities of smartSoD
smartSoD screen gallery
FAQ – find out more about smartSoD
smartSoD is an indispensable service from the perspective of security of processes and business actions executed in a SAP system. Below you may find the answers to the most frequently asked questions about our solution.
The smartGRC application is a separate stand-alone system, which can be installed in your personal environment or made available from the cloud. Installation of the system requires preparing an application server (Windows) and a database server (SQL).
The smartGRC application connects through a SAP interface dedicated to JAVA systems – a JCo connection. Standard SAP programs are used to download data from the SAP system, launched for reading data with parameters set by smartGRC.
3-4 weeks, assuming a standard process and no more than 10 administrators and consultants accounts for 2-3 SAP systems. A greater number of accounts or SAP systems generates additional complexity in the implementation process (configuration, training, and transition of knowledge), which grows with the number of stakeholders and operated SAP systems. However, the duration of more complex projects does not exceed 3 months.
The product has a wider spectrum of reported information realized during special / emergency sessions than its market alternatives, such as creating financial or storage documents, and a detailed documentation of changes, among others. such as creating financial or storage documents, and a detailed documentation of changes, among others. It has built-in safeguards for when an administrator attempts to start an emergency session bypassing smartSoD (usage is reported). It is intuitive in use, based on the familiar environment of a web browser.
Yes, it can support any given system, including ones not based on ABAP technology, but in such a case it is necessary to prepare a dedicated connector, which may extend the implementation and installation process. Currently the system includes connectors to: Active Directory, Remedy, and Service desk.