The smartGRC application was developed in 2010 and has since significantly reduce the effort required to work with excesive authorisations in over 20 companies in Poland.


Our GRC team of more than 20 people specialises in the authorisation and security area for ERP systems.


Our knowledge and experience allows us to continuously develop the smartGRC application to solve real project challenges.


The purchase of a smartGRC licence provides access to a knowledge repository (SoD separation of duties risk matrix) and premade solutions to challenges in the field of SAP authorisation.

Years of experience
0
Customers
0
Deployments
0
Quality guarantee
0 %

About the application

The smartGRC application was created as a response to the challange related to mass data processing in ERP systems (SAP) by users with segreagation of duties conflicts resulting from excessive authorisations.

Properly configured access authorization and user permissions can be an effective management solution to cyber security threats. Correctly adjusting user authorisations is not easy, however, as it requires deep understaning of the weaknesses of ERP class (SAP) systems.

These weaknesses create the risk of losing control over the accuracy, correctness and integrity of processed data in ERP (SAP) systems in the company.

The smartGRC application evens the odds for the company in this battle. It was designed with the goal of automating processes related to authorisation management in SAP systems in mind, and is currently being successfully used in other systems as well.

Main features

  • Developed in 2010
  • Can function in the client's personal or cloud environment
  • Has 4 main functional areas
  • Average implementation period of 1-3 months
  • Fulfills most audit requirements in the field of SAP permissions
  • Built-in SSO
  • Integrates with the Active Directory module and HR systems
  • Built-in segregation of duties risk repository
  • Has a list of sensitive access in the SAP system
  • Integrates with ticket systems: Remedy & Jira
  • Supports non-SAP systems: Spectrum, Single View, DWH / Teradata
  • MBS Oracle „1.0” IFRS 15, Billing DTH

WHAT MAKES US SPECIAL?

Domain expertise, gained during the implementation of the largest GRC-class solution implementations

We are a recommended expert in the field of authorization

Request a demo
Expert knowledge and experience
Practical knowledge of audit recommendations
Quick tool implementation time
Tailoring to individual customer needs

Business case – what kind of problems do we solve?

Our customer reviews

The smartGRC application completed a review for 10 domain systems and 6 SAP systems within 4 weeks. The review involved more than 300 reviewers, who at times passed on their items to other reviewers. The review process, despite its large scale, was fully automatic and completely transparent to the participants. Without the support of smartGRC, this would not have been possible.

Audit DirectorLarge capital company

The automatic implementation of authorizations in SAP and the preemptive analysis of separation of duties risks has improved our authorization process. It is now shorter in duration and at the same time we meet external audit guidelines.

IT DirectorRetail

The smartGRC application provided us with management information on our current exposure to risks
separation of duties and redundant SAP system accesses, which, combined with useful
information on usage statistics, became the basis for us in terms of deciding the direction of
improvement. The GRC team provided us with the knowledge of the separation of duties risk base and
helped to smoothly lay out the project and then supported us in its implementation. All within the agreed
deadline and budget. Definitely recommend to work together.

Vice President

Ongoing analysis of the risks of separation of duties (SoD) conflicts, reporting details on the causes of separation of duties conflicts facilitated our process of rebuilding authority.

Security officerChemical industry leader

GRC Advisory provided us with experts with many years of experience in roles and authorizations, which translated into the high quality of the authorizations developed.
The GRC team provided us with knowledge of the separation-of-duties risk base and helped smoothly lay out the project and then supported us in its implementation. All within the agreed deadline and budget.
He strongly recommends to work together on these complicated and complex issues in SAP roles and permissions.

Vice PresidentPoland's leading pork producer