smartReport

Segregation of duties (SoD) access risks and critical transaction reporting for
business and IT users

smartReport - SoD risks reporting

smartReport enables the efficient and cost-effective identification and remediation of redundant authorizations and segregation of duties (SoD) risks. Its application engine empowers the assessment of user authorization for critical transactions, addressing both business and technical considerations. The integrated reports enable a dual approach: assessing risks from a business viewpoint (identifying the risk) and from a technical standpoint (determining necessary authorization adjustments).

When is it worth it?

What the process may look like - ready solution

Summary - why is it worth using?

smartReport provides the means of determining the status of user authorizations in IT systems (ERP). A diagnosis allows to ascertain the direction needed to improve and restructure authorizations, and subsequently conduct a reverification of the actions taken. The goal is a ZERO tolerance for redundant system access and SoD risks. This is a simple task if the authorization administrator is provided with tool support.

Main functionalities of smartReport:

smartReport screen gallery

References

FAQ – find out more about smartReport

The smartGRC application is a separate stand-alone system, which can be installed in your personal environment or made available from the cloud. Installation of the system requires preparing an application server (Windows) and a database server (SQL).

The smartGRC application connects through a SAP interface dedicated to JAVA systems – a JCo connection. Standard SAP programs are used to download data from the SAP system, launched for reading data with parameters set by smartGRC.

3-4 weeks, assuming a standard process and the use of the standard SoD matrix available in the tool.

It offers a good library of SoD risks and sensitive access, and consultant expertise as to what to pay attention to when implementing SoD in an organisation. Our advantage is being familiar with the risks (auditing experience) and the technology (technical authorisations).

Yes, it can support any given system, including ones not based on ABAP technology, but in such a case it is necessary to prepare a dedicated connector, which may extend the implementation and installation process. Currently the system includes connectors to: Active Directory, Remedy, and Service desk.

smartReport is an indispensable service from the perspective of security of processes and business actions executed in a SAP system. Below you may find the answers to the most frequently asked questions about our solution.

I want to see how SoD works

Fill out the form below and we will contact you with a presentation of our offer and the capabilities of the module.