In today’s fast-paced digital environment, organizations rely heavily on Enterprise Resource Planning (ERP) systems like SAP to manage business processes and data. SAP systems are integral […]
The GRC Ninja channel has released another episode focusing on emergency access and privileged management in ERP/IT systems. GRC SAP security experts Filip Nowak and Andrzej […]
Part #5/5: Summary and conclusions The fifth and the last part of the article summarizes the topic. In this section, we will gather all the information […]
Part #4/5: How to implement SoD and support for mitigating checks – tool layer The last stage of introducing mitigating controls to the organization is the implementation in systems and automation. […]
Building a repository of mitigating controls requires a good understanding of the access risk, the system, and, above all, the context, i.e. business processes (and not […]
Infrastructure in the area of IT enterprises and the constantly growing number of cyber threats are one of the main factors that have a direct influence […]
In the previous part of our series part link, we concluded that managers responsible for business operations must decide when and in what situations the system […]
Mitigating controls are control mechanisms implemented in business processes, for the purpose of limiting the access risk coming from the user excessive authorizations granted in ERP […]
The implementation of additional mitigating controls is a frequent response from the company management in order to limit the risk of excessive (redundant or unnecessary) authorizations […]