This document discusses implementing access and security controls across applications. It introduces Smart ERP Solutions and SafePaaS, who provide access management and governance risk and compliance software. It covers the benefits of centralized access management, including reducing internal abuse, automating controls, and monitoring risk. It demonstrates how the software can be deployed on-premises or in the cloud to manage access for multiple applications like Oracle and PeopleSoft. The presentation concludes by discussing next steps for a free controls consultation and product demonstration.
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Implementing access and security controls across your applications
1. Copyright Smart ERP Solutions and SafePaaS
Implementing Access and Security Controls across
your Applications
Lewis Hopkins – Applications Consultant
Eduardo Garibaldi – Director, Global Risk Advisory
2. Copyright Smart ERP Solutions and SafePaaS
Reminders
A recording of today’s session will be sent to all
registrants shortly after the webinar.
Phone lines/mics are MUTED.
There will be a Q & A section at the end of today’s
session. Please use the GoToWebinar “Questions”
feature (not the “Chat” feature) from your control panel
to post a question at any time during the presentation.
3. Copyright Smart ERP Solutions and SafePaaS
Agenda
• About Smart ERP & SafePaaS
• Access Management
• SafePaaS for managing Access Reviews
• Deployment
• Demo
• Next Steps
4. Copyright Smart ERP Solutions and SafePaaSCopyright Smart ERP Solutions and SafePaaS
About SmartERP & SafePaaS
5. Copyright Smart ERP Solutions and SafePaaSCopyright Smart ERP Solutions and SafePaaS
Achieve Best-In-Class Performance
Our mission is to provide innovative, configurable, flexible, cost-effective solutions
to common business challenges, enabling our clients to save time,
increase productivity, minimize costs, and maximize their return on investment.
Solutions
Business applications that
offer organizations an
end-to-end solution
providing the right design
and implementation from
start to finish.
Services
A 24/7 seasoned and
experienced staff of
experts to help you
implement your business
solutions efficiently and
effectively at a cost-
effective rate.
Cloud
Cloud applications
provide solutions built on
proven enterprise class
architecture that enable
high configurability and
ease of monitoring.
6. Copyright Smart ERP Solutions and SafePaaSCopyright Smart ERP Solutions and SafePaaS
Thought Leadership
• Co-Authored GRC Book: First
book on GRC for Oracle Applications
• Collaborate 18 –GRC Client
Appreciation Dinner
• Oracle Open World – Annual GRC
Dinner on October 2017- San
Francisco, CA
• LinkedIn –FulcrumWay Risk,
Compliance and Audit Software
Group
• International GRC Round Tables –
Sydney, London, Johannesburg,
Dubai See events page for details
SafePaaS
7. Copyright Smart ERP Solutions and SafePaaSCopyright Smart ERP Solutions and SafePaaS
Government Oil and Gas
Healthcare
Communications
Financial Services
Transportation Natural ResourcesManufacturing
Retail
High TechMedia/Entertainment Life Sciences
Clients
8. Copyright Smart ERP Solutions and SafePaaSCopyright Smart ERP Solutions and SafePaaS
Access Management
9. Copyright Smart ERP Solutions and SafePaaS
Access Management - Research
User Access – Common
Source of Internal Abuse
A Top Focus for IT Audits
Gartner survey: 44% of IT
audit deficiencies are IAM-
related
Ernst & Young: 7 of Top 10
control deficiencies relate
to user access control
PROTECTED
Information
Entitlement Creep
• Accumulated privileges
• Potential toxic combinations
• Increased risk of fraud
Privileged Users
• Users with “keys to kingdom”
• Poor visibility due to shared
accounts
Rogue Accounts
• Fake accounts created by criminals
• Undetected access and activity
• Data theft, fraud, and abuse
Orphan Accounts
• Poor de-provisioning
• High risk of sabotage, theft, fraud
10. Copyright Smart ERP Solutions and SafePaaS
Access Management – The Considerations
Access and SoD is not singular to one Application
• Applications are sharing Processes – e.g. Financials with Hyperion (for closing)
• Applications shared across deployments – On Premises and Cloud
How to complete the picture?
Roles, Permission Lists,
Components, Pages, +
Responsibilities, Functions,
Menus, +
12. Copyright Smart ERP Solutions and SafePaaS
Benefits
• Move from fragmented approaches
to centralized visibility and control
• Automate identity controls and
business processes
• A business-friendly layer linking
business users and processes to
underlying technology and technical
users
• Actively measures and monitors risk
associated with users and resources
13. Copyright Smart ERP Solutions and SafePaaS
Process
Provisioning
Life-cycle
Self
Service
Actions
Policy
Evaluation
Issue/
Remediation
Management
Regulatory
Reporting
Business
IT Sec
Help Desk
Users
Risk
Model
?
• Provisioning
&
Directory✗
AccessPaaS
• iAccess
• Roles Manager
• Access Monitor
• Policy Monitor
15. Copyright Smart ERP Solutions and SafePaaS
DEMO
Extract from E-Business Suite R12 – Financials
Extract from PeopleSoft 9.2 HCM
16. Copyright Smart ERP Solutions and SafePaaS
The Bigger Picture
MonitorPaaS
Operations Management
Audit Manager Audit PlannerCompliance Manager
Master Data Monitor
AuditPaaS
Transaction Monitor App Configuration Monitor Rules Repository
Access Monitor SOD Policy Monitor Roles Manager
AccessPaaS
iAccess Policy based provisioning
Issue Manager
Continuous Controls Monitoring
Audit and Compliance Automation
IT Governance
17. Copyright Smart ERP Solutions and SafePaaS
CCM Benefits
• Complete testing coverage …100%
• Improved timeliness of testing
• Consistent Results
• Remediation based on Trends Analysis
• Lower Risk with Faster Corrective Actions
18. Copyright Smart ERP Solutions and SafePaaS
Next Steps
• Free Controls consultation
– Current review to desired Outcomes
– Access Controls, SoD, User Provisioning
• Deep Dive Demo
– Review of User Provisioning
– Reports
– Proactively resolving Control issues
19. Copyright Smart ERP Solutions and SafePaaSCopyright Smart ERP Solutions and SafePaaS
For more information:
www.smarterp.com
Lewis.Hopkins@smarterp.com