- Interface with the HR system, in order to download and update the Employee database - a central repository of data. Intelligent algorithms for selecting the right supervisor, for example, when a given employee is employed in many companies.
- Transferring the entire solution to the CLOUD architecture based on tools such as Docker, Kubernetess, Bitbucket, ArgoCD, MongoDB.
- Independence from the database layer, full code refactoring support from the JAVA level.
- Architecture based on a system of micro-services, scalable if needed.
- Extension of the smartReview module. Adding new functions in the field of:
- Statistics on transaction usage by end users (what transactions are often used for the verifier to consciously and based on actual system usage to decide whether to leave or revoke user permissions during the review.
- Reducing the working time with the application by the verifier by introducing intelligent algorithms for copying items for verification, e.g. if the user has many accesses and is no longer working in the organization, you can select all accesses for collection with one click.
- Intelligent algorithms for working with the application, e.g. if a given risk contribution is to be collected, as a result of implementing this decision in the system, the user will also lose other risks from the list displayed, the system automatically recognizes and transfers it.
- Extension of the overview beyond the SAP world - importing permissions from any system via XML file.
- Personalization of reports in smartReport.
- Extensive options for configuring the periodic inspection.
- Conducting a regular audit for a particular department or the entire company.
- Implementation of the application in the FMCG sector.
- Extension of support for systems from outside the SAP world, review of authorizations available for the following systems: Active Directory, Teradata, Oracle, Billing, Spectrum, MSSF).
- Rebuilt the smartWorkflow module, adding new functions for managing applications, licenses and user parameters
- smartAccess - support for environments where there are many application servers and logs regarding usage statistics should be implemented on the basis of the so-called host loops.
- Better filtering of review items.
- Downloading logs from SAP without additional logging.
- Implementation in a large telecommunications company listed on the Warsaw Stock Exchange.
- Integration with a third-party incident management tool (Remedy), enabling the transfer and recording of information contained in a request for e.g. authorization or periodic review of risks against SoD risks.
- Completion of application rebranding project combined with name change to smartGRC
- Implementation of new interface according to material design by Google guidelines
- Expansion of smartAccess module for privileged access management to include monitoring of the range of data from end systems covered by smartAccess monitoring
- Implementation of smartReview module to perform periodic authorization reviews of separation of duties risks
- Extension of smartReview with new functionalities, i.e.: copying decisions between items within a request, sending items for feedback, or providing transaction-specific details in SAP
- Optimize processing time in the smartReview module for requests that have more than 3,000 risks
- Development and implementation of a module for verification of access to personal data smartRODO
- Implementation of the next version of smartAcces and smartReview at the largest telecommunications operator in the media and entertainment industry
- Start work on adapting the application to the requirements of the Regulation on the Protection of Personal Data (RODO) enacted on May 26, 2016
- Commencement of application redesign project with its rebranding
- First version of smartReview module (periodic review for SoD risks in user authorizations)
- Modification of activities in SAP support for SU24
- Expansion of security event logging with 50 new requirements submitted by the client's Security department
- Increase the accuracy of analysis by expanding the scope of analyzed data and data sets for the client's organizational structures
- Accelerate SoD risk analysis by expanding the method of generating data for reports
- Introduction of a new graphic design based on the latest User Experience trends
- Introduction of an administrator-configurable WorkFlow acceptance path
- Implementation of a new module to ensure compliance with RODO requirements after May 25, 2018 - smartGDPR
- First implementation at a customer in the energy industry, with special requirements for data access security
- Creation of a new reporting panel with the option to personalize reports with detailed risk statements to the object and transaction level
- Faster data generation and report viewing
- Editing of employee data
- Introducing sets of organizational variables, allowing the elimination of so-called 'false positives', i.e. reporting risks that are not in the system after taking into account the value of organizational structures
- Improved data analysis, reducing analysis time from 12h to 4h.
- Implementing an application in a pharmaceutical company with strong access restrictions in SAP - e.g., release of a drug for use (so-called Decision to Use).
- Roll-out of the implementation to additional countries, at the customer using the application, including the creation of the required language interface (Russian)
- Full implementation at a customer from the chemical industry
- Introduction of automatic authorization implementation in SAP systems
- Launch SSO (Single Sign On) based on Active Directory integration
- Development of new proposals for authorization requests in SAP and Workflow with modification of permissions
- Introduction of a new language version of the interface - English version
- Automation of data import from SAP
- Expansion of the reporting module by increasing the detail of reports
- Managing the conflict matrix of separation of duties (SoD)
- Automatic import of SoD matrix configuration
- Enabling notation of reports into popular text formats
- Implementing an application at a multinational food service company listed on the WSE that has operations in more than a dozen European countries and Russia.
- Base version of the module for authorization, without automatic implementation, with the need to involve the administrator
- Development of a database of authorizations for requests (acting on behalf of another employee with authorization))
- Design a function to analyze user authorization
- Create the ability to make authorization decisions in the application
- Extension of the application to include an option to generate basic reports for users and roles on separation of duties conflicts
- Implementation of the first version of the application in a highly sophisticated and complex IT environment at an international telecommunications and media operator. Implementation of changes to the application resulting from the customer's needs.