About BWise

Blog

Call to arms: SAP and Oracle

February 24, 2011 by
Filed under: Governance, Risk and Compliance

Today a topic close to my heart. As some of you might know, I am heavily involved in our development of the continuous controls monitoring suite. It's a developing and evolving area that more and more companies are seeing as the next line of defense, or one that can make all others more easy. It's also a precondition for continuous auditing in my opinion, but that's something I will discuss in a new Data Analytics for GRC whitepaper due in a few weeks. ;)
One of the first areas relevant for monitoring, one that is a precondition for all system controls to work and provide assurance, one that is more or less a commodity nowadays (like airbags in a new car) is the monitoring of authorizations. There are many suites available that somehow look at these security profiles but there are some specifics that are unique to the BWise proposition:
  • SAP and Oracle authorizations
  • cross system (same ERP and different ones) analysis
  • project based (no need for live connections, we can support USB-stick extractions for audit departments)
  • in depth analysis of function roles, menu paths and actual authorization objects
  • workflow for requesting business owner signoff for his individual users (and user termination reviews)
  • automatic trending and advanced reporting on Segregation of Duties conflicts
  • combination of actual tasks performed in the ERP and resulting documents (e.g what invoices were created and released for payment by the same user and for what amounts)
Really, there is a lot of additional benefits of monitoring this from within your BWise system and it provides you a simple step to start using Continuous Control Monitoring for other data in later stages. We provide best practice rule sets for SAP and Oracle so that you can hit the ground running. If these best practices show you that your authorization design is flawed, our experienced consultants can even help you to improve it! :)

Now, it starts to sound like a sales pitch, which partly is my job. But often do i see customers that are using BWise that are also working on improving their authorizations in the ERP systems. BWise aims to be an umbrella GRC solution that can cover most if not all of your GRC pains and wouldn't it be great to combine all in one? Either through integration or through having our own functionality we will try to make your lives easier. So, reach out, and we will reach out to you.

Tags: BWise, GRC

More Information

What is GRC?

Read the definition of Governance, Risk and Compliance


Gartner ORM report

Nasdaq's BWise has been positioned as a Leader in Gartner's Magic Quadrant for Operational Risk Management Report, 2015. 


Forrester report

Forrester positioned Nasdaq BWise as a Leader in New Report, The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2016.


Why BWise

Download the brochure: Three Key Reasons why Hundreds of Customers Rely on Nasdaq BWise.

Scroll up