8 September 2024
In today’s fast-paced digital environment, organizations rely heavily on Enterprise Resource Planning (ERP) systems like SAP to manage business processes and data. SAP systems are integral […]
22 July 2024
In the last few days, many of us encountered one of the most widespread tech disruptions in recent memory. We have just witnessed how a small […]
16 November 2023
The GRC Ninja channel has released another episode focusing on emergency access and privileged management in ERP/IT systems. GRC SAP security experts Filip Nowak and Andrzej […]
25 May 2023
Part #5/5: Summary and conclusions The fifth and the last part of the article summarizes the topic. In this section, we will gather all the information […]
13 May 2023
Part #4/5: How to implement SoD and support for mitigating checks – tool layer The last stage of introducing mitigating controls to the organization is the implementation in systems and automation. […]
4 April 2023
Building a repository of mitigating controls requires a good understanding of the access risk, the system, and, above all, the context, i.e. business processes (and not […]
9 February 2023
Infrastructure in the area of IT enterprises and the constantly growing number of cyber threats are one of the main factors that have a direct influence […]
26 January 2023
In the previous part of our series part link, we concluded that managers responsible for business operations must decide when and in what situations the system […]
27 November 2022
Mitigating controls are control mechanisms implemented in business processes, for the purpose of limiting the access risk coming from the user excessive authorizations granted in ERP […]
24 October 2022
The implementation of additional mitigating controls is a frequent response from the company management in order to limit the risk of excessive (redundant or unnecessary) authorizations […]