effective governance, risk and compliance management · pdf fileleveraging efficient solutions...
TRANSCRIPT
SOFY GRC
Effective governance, risk and
compliance management for
your ERP system
Overview SOD Conflicts Data Access
Security
Configuration
Risk Simulation
User Cockpit
26K
‘’Experience the newest
technologies in ERP analytics’’
Downloads Data
Role Cockpit
How can we overcome the lack in transparancy on
who can do what within the system?
What are my options for detecting conflicting
authorizations?
How can I gain insights in the general security
configuration and the confidentiality of data?
Where can I find support for analyzing segregation
of duty conflicts?
Managing your GRC issues
Better manage the risks in your organization
Detect and prevent compliance breaches
Reduce compliance desk efforts with efficient operations
Rely on high-end audit knowledge
Minimize expenses for GRC consulting
Migitate risks from conflicting roles
Make governance and compliance enjoyable
Leveraging efficient solutions
Introducing the SOFY GRC App
SOFY GRC solves a variety of business
problems regarding governance, risk and
compliance in Oracle, SAP and Microsoft
Dynamics and NAV ERP systems. Using an
unique cloud based approach data streams
are analyzed and exceptions identified in
real time. The solution is an accelerator to
implement solid GRC processes and
configuration.
The intuitive, transparent, and simple tool
has been developed for effective compliance
management in your ERP system. Real time
insights and alerts have can be used for the
benefit of detecting and preventing
compliance breaches.
The cloud service can be directly integrated
to your existing ERP backend and requires
minimal deployment and maintenance effort.
The integrated KPMG knowledgebase
makes user adoption and implementation
seamless.
How it works
GRC dashboards & analytics
Data access monitoring
Duty segregation monitoring
Authorization conflict checks
Security configuration analysis
SOFY GRC
Segregation of duties monitoring
24SoD conflicts
User configurationanalysis
Overview
GRC dashboards & analytics
The GRC summary dashboard offers a
quick insight to the key statistics of the
different modules. The dashboard
displays several powerful analytical
tools that provide exceptions on an
aggregated level for management.
SOD reporting supports managers in
the search for control over the
authorization setup. All SOD violations
are provided in detailed overviews.
Dynamic reporting capabilities allow
managers to investigate SOD violations
in-depth.
A tool that will assist in understanding
your user configuration. With this tool
the role (super-)user configuration within
the ERP system can be easily
assessed. User configuration statistics
are provided over a time-frame, thereby
exhibiting the occurrence important
changes.
Security
configuration
User - androle cockpit
Confidential data access monitoring
In our cockpits all results of the various
reports for a specific user or role are
functionally combined in a single
overview. For every user in your
organization you will now be able to see
which roles, conflicts, access to
confidential data apply to them. For
every role you will see the users with
that role and conflicts.
With this tool managers can analyze
user access requests and prevent
segregation of duty conflicts. Assigning
conflicting authorizations can be
prevented by using the risk simulation
tool. The simulation tool will support you
in the consideration of authorization
requests and prevents the alignment of
conflicting roles.
A tool designed help the management
understand how their confidential data is
secured within the organization. This
tool increases the security surrounding
your confidential data by learning which
people have access to most confidential
data in your ERP system. An overview
presents potentially confidential data
objects with the number of users with
access.
Authorization conflict simulation
With this tool managers can analyze
user access requests and prevent
segregation of duty conflicts. Assigning
conflicting authorizations can be
prevented by using the risk simulation
tool. The simulation tool will support you
in the consideration of authorization
requests and prevents the alignment of
conflicting roles.
User - and
role cockpit
Risk
simluation
Data access
Contact Information:
Rob PetersPartner, Management Consulting
T: +31 (0) 651546465E: [email protected]
Tony KantersManager, Management Consulting
T: +31(0) 651291619E: [email protected]
© 2015 KPMG Advisory N.V., registered with the trade register in the Netherlands under number 33263682, is a subsidiary of KPMG
Europe LLP and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative
(‘KPMG International’), a Swiss entity. All rights reserved. Printed in the Netherlands. The KPMG name, logo and ‘cutting through
complexity’ are registered trademarks of KPMG International.
Service & Implementation
Professional services
We believe that a combined offering of
our innovative solutions and services
from our experienced business
consultants further increases our added
value to your organization.
In short and focused advisory projects
we can quickly make a lasting impact
on your organization and realize
tangible improvements.
In addition our on-, near- and off-shore
delivery centers can provide various
managed services for the different
business apps we have available. By
trusting complex and non-core
processes to our skilled teams you can
focus on the things that directly
contribute to your business goals.
Implementation
The SOFY implementation process is
simple and straightforward. The effort
required to set up the data exchange is
limited, based on standard Microsoft/
SAP technology and well supported by
documentation and our support team.
Implementing SOFY can be done in just
a few days.
This service has been designed with
high security requirements and
standards. In addition a penetration test
has been performed as part of our
security policy.
The data centers that are used for our
cloud service comply with various
industry standards.
Security