sap-banner.jpg

SAP GRC Service

We at JKT offer a comprehensive suite of SAP GRC services to meet every need of our clients. We have a proven track record in managing & successfully delivering offshore / onsite projects. Our flexible and adaptable delivery model has been designed to suit the time, quality and budget demands of our customers. Our service offerings are as mentioned below:

1. Compliance and Security Audit

  • Review of SAP security, including SAP security parameters and technical configuration
  • Review of security process & organizational readiness
  • Basic review of authorization concepts & processes
  • Review of security patch management
  • Review of Baseline Security Policies and Procedures
  • Identifying potential vulnerabilities & risks
  • Recommending controls for mitigating risks

2. Authorization Management

  • Review of parameters and technical configuration
  • Review of role design, authorization design, authorization process, critical authorizations & change management processes
  • Review of Segregation of Duties
  • Identifying potential vulnerabilities & risks
  • Recommending controls for mitigating risks

3. Risk Management

  • Risk Planning – What business activities should be reviewed?
  • Risk Identification & Analysis – What events could prevent the organization in achieving their business objectives and how significant are they?
  • Risk Response – Recommend controls to mitigate the risks
  • Risk Monitoring – Establishing whether the controls are working efficiently & effectively
  • Implementation & Support of SAP GRC10 – Risk Management Module

4. Access Control

  • Risk Analysis & Remediation – Review of configuration and effectiveness of Segregation of Duties
  • Compliant User Provisioning – Review of user provisioning process, configuration and adequacy of controls
  • Enterprise Role Management – Review of role management process, configuration and adequacy of controls
  • Super User Privilege Management – Review of access of users performing emergency activities, its configuration and adequacy of controls
  • Implementation & Support of SAP GRC10 – Access Control Module
  • Support for upgrading from older to newer version

5. Process Control

  • Documenting Compliance Initiative – Defining compliance structure and identifying all relevant organizations, processes, risks & controls
  • Planning – Establishing assessment and test strategy
  • Assessments & Tests – Performing assessments, verifying configuration and establishing adequacy of controls
  • Remediating Issues – Review remediation of issues and establish adequacy of controls
  • Implementation of SAP GRC10 – Process Control Module
  • Support for upgrading from older to newer version

6. Mobile Applications

  • Creating mobile dashboards on iPad, other tablets and smart phones, for GRC components, highlighting the key risk areas and action items

KEY ENGAGEMENTS / CUSTOMERS

Hindustan Unilever Limited

Service Provided
  • Implementation of Security and GRC
  • Migration from VIRSA to GRC 5.3
  • Production Support (Level 2 & 3)

Unilever

Service Provided
  • Master data cleansing and loading
  • Audit and analysis of roles and authorizations
  • Advisory for SoD compliance
  • GRC and Authorization implementation and support
    • Locations Covered
      • Malaysia, Singapore, Mashreq and Maghreb, Central Africa, Bangladesh, Australia

Edwards – UK

Service Provided
  • SAP Security redesign and SoD Compliance
  • Number of roles brought down from over 17,000 to 400+
  • SoD conflicts those were un remediated over the years are simplified and are in the process of proper remediation
  • This is also aiding Edwards to go public in the USA for SoD and SoX compliance

Comments are closed.