Академический Документы
Профессиональный Документы
Культура Документы
Compliance
Stephen DuBravac
Executive Vice President
SECURITY WEAVER
What matters
1
50K +
2x
abuse(1)
How can
enterprises
simultaneously:
make
compliance a
non-event,
drive
operational
efficiencies,
elevate the
value of risk
management
increase profits
2
Agenda
Introduction
Resources
SECURITY WEAVER
Enterprise Application Compliance Simplified
Security Weaver
Trusted, Proven, Growing
Security Weaver is a best-of-breed compliance
application suite that integrates with any SAP
environment to quickly and easily control enterprise
cross-application compliance risk in real-time.
Headquarter
Founded
2004
Solutions
Clients
Geography
Services
SECURITY WEAVER
Enterprise Application Compliance Simplified
Agenda
Resources
SECURITY WEAVER
Enterprise Application Compliance Simplified
Strategic
Drive
up
Compliance
Process effectiveness
Breadth of control
Control effectiveness
Audit cadence
Adaptiveness
Cycle time
Validation scope
Visibility
Better business decisions
Drive
down
Cost efficiencies
Risks
Cost of controls
Cost of research
Cost of penalties & fines
Cost of audit
Economic risk
Reputational risk
Operational risk
Audit shocks
SECURITY WEAVER
Enterprise Application Compliance Simplified
Agenda
Introduction
Exploit all kinds of automation benefits
3
Resources
SECURITY WEAVER
Enterprise Application Compliance Simplified
Collaborative
Preventative
Insightful
Audit efficiency
Process
efficiencies and
effectiveness
Correlated with
business and
market data
Example: SOD
rules matrix
Level 1:
Auditor Driven
Example: RT
process controls
Example:
compliant
automated user
provisioning
Level 2:
Auditor
Anticipated
Level 3:
Process
Optimized
SECURITY WEAVER
Enterprise Application Compliance Simplified
Business
outcomes
Example:
consolidated
reporting
Level 4
Business
Optimized
10
Leverage
1st things 1st
SECURITY WEAVER
Enterprise Application Compliance Simplified
11
Big Blocks
Power/Space
Processes &
training
Maint
Software
Acquire
Cost
Maint &
integrations
ETL
Sourcing
Complexity
SECURITY WEAVER
Enterprise Application Compliance Simplified
12
Iterate
Leverage
1st things 1st
SECURITY WEAVER
Enterprise Application Compliance Simplified
13
Detect
Correct
Prevent
Prove
(when: cadence
and signals)
(quantify the
business case)
Reuse
(Framework and technology stack)
SECURITY WEAVER
Enterprise Application Compliance Simplified
14
Transaction analytics
ROIC
15
16
Implementation sequencing
A sustainable management methodology
Risk
weighting(1)
Time to
ROI implement
Total Audit
costs criticality
Total
Option
1
Option
2
Option
3
Option
4
Option
n
(1)Risk
17
Value People
Iterate
Leverage
1st things 1st
SECURITY WEAVER
Enterprise Application Compliance Simplified
18
5. Keep it simple
6. Conduct follow up studies after each phase
19
SECURITY WEAVER
Enterprise Application Compliance Simplified
20
What matters
140K
How can
enterprises
simultaneously:
53%
make
compliance a
non-event,
>83%
>1/2
drive
operational
efficiencies,
elevate the
value of risk
management
increase profits
21
Get continuous
Value People
Iterate
Leverage
1st things 1st
SECURITY WEAVER
Enterprise Application Compliance Simplified
22
SECURITY WEAVER
Enterprise Application Compliance Simplified
23
24
Strategic
Drive
up
Compliance
Process effectiveness
Breadth of control
Control effectiveness
Audit cadence
Adaptiveness
Cycle time
Validation scope
Visibility
Better business decisions
Drive
down
Cost efficiencies
Risks
Cost of controls
Cost of research
Cost of penalties & fines
Cost of audit
Economic risk
Reputational risk
Operational risk
Audit shocks
SECURITY WEAVER
Enterprise Application Compliance Simplified
25
Problem
Solution
Result
User Access and SOD Compliance
The implementation speed, intuitive user
handling and the value of immediate
usage of the product without major
customizing led Siemens AG, amongst
other key features like application
handling, reporting efficiency and
integration within SAP, to the purchase of
Security Weaver, -- Michael Brauer,
head of Siemens CIO CA/Program
Manager for P2P Data Assurance.
SECURITY WEAVER
Enterprise Application Compliance Simplified
26
Agenda
Introduction
Exploit all kinds of automation benefits
Optimize ROI of automation
4
Resources
SECURITY WEAVER
Enterprise Application Compliance Simplified
27
Resources
- SecurityWeaver.com
Customized training
Formal training
Product and solution details
Free SOD evaluations and product trials
www.erpcontrol.com
SECURITY WEAVER
Enterprise Application Compliance Simplified
28
Customers include
SECURITY WEAVER
Enterprise Application Compliance Simplified
29
0$
<6
100%
How can
enterprises
simultaneously:
make
compliance a
non-event,
drive
operational
efficiencies,
elevate the
value of risk
management
increase profits
30
Thank You
SECURITY WEAVER
32
Superior Performance:
- accomplish compliance work in least time possible
Proven:.
- leverage existing SAP Capabilities
- POC in less than 5 days and receive a thorough findings report,
ROI analysis, and project plan.
SECURITY WEAVER
Enterprise Application Compliance Simplified
33
Modules
Critical Access Monitoring & Reporting
Separations Enforcer (SE)
Tool to manage Segregations of Duties (SOD)
Delivered with a best practice SOD rule set
Dash
Management Reporting and Analytics
Secure Enterprise
Integration Layer for Non-SAP systems
Secure Provisioning
(SP)
Process Auditor
(PA)
(Transaction monitoring
and auditing)
Emergency Repair
(ER)
Role Driver
(RD)
(Emergency Access
Mgmt.)
(Role Administration)
Reset Password
(RP)
Dash
Management Reporting and Analytics
Enterprise
Application
Compliance
(Enterprise Password
Management)
License Manager
(LM)
(Enterprise Software
Asset Management)
Separations Enforcer
(SE)
(SOD & CA Reporting)
Security Weaver
Enterprise Applications
ERP, Legacy, Other
SECURITY WEAVER
Enterprise Application Compliance Simplified
34