SlideShare una empresa de Scribd logo

XsXprt, a User Access Compliance and License Management tool for SAP

Gourav Ladha
Gourav Ladha

XsXprt is a User Access Compliance and License Management tool designed for SAP. It help reduce User license cost and facilitate various internal and external compliances. It acts as a decision support system that allows timely identification and resolution of user access related issues and conflicts. Some of the key features are:  Identification of segregation of duties (SOD) conflicts and access to sensitive business transactions  Assist in cleaning up of user accounts and save on license cost  Help manage various local and international compliance requirements  Reduces cost of compliances by reducing the effort of SAP administrator and Auditors  Simulations for identification of conflicts even before granting new authorizations  Near Real-time analysis and Infographic dashboard allowing faster decision making

Software
1 de 22
Descargar para leer sin conexión
Private & Confidential. Product Overview
EW Consultants Private Limited. Private & Confidential. Contents 2 ❯ Challenges with User Access in SAP ERP System X ❯ Need for Automated Access Controls tools X ❯ About Us X ❯ Our Team X ❯ About XsXprt X ❯ Product Overview X ❯ Key Features X ❯ Value Added Features X ❯ Value Delivered X ❯ Annexures X
Challenges with User Access in SAP ERP System
EW Consultants Private Limited. Private & Confidential. 4 Challenges with User Access in SAP ERP System ❯ Difficulty in identifying who (users) has what (access)? ❯ How to provide assurance to the auditors that user access controls are in place? ❯ SUIM report unable to provide holistic view of the segregation of duties (SOD) conflicts? ❯ How to ensure the security of data and prevent fraud from happening in SAP? ❯ How to ensure that users are getting authorizations based on their roles & responsibilities? ❯ How to check the addition or modification in authorizations will not lead to SOD Conflicts? ❯ Difficulty in managing access change requests and getting appropriate approvals for them? ❯ Are user licenses efficiently managed to save the company from paying penalties due to SAP EULA violations? ❯ SAP Administration team wasting productive time and effort in building reports every month/quarter
Need for Automated Access Controls tools
EW Consultants Private Limited. Private & Confidential. 2013 Sarbanes-Oxley Compliance Survey, conducted by Protiviti: 6 Need for Automated Access Controls tools ‘Are You Doing Enough to Prevent Access Risk and Fraud?’ A study on SAP Customers conducted by insiderPROFILES
EW Consultants Private Limited. Private & Confidential. There are more than one reason that requires Managements of small, medium and large organizations to look for automation of user access controls. Below are some of the compliances, beside statutory audits, which requires assessment of user access controls on a periodic basis: ❯ Section 177(4)(vii) and 143(3)(i) of the Indian Companies Act 2013 ❯ Sarbanes Oxley (SOX) ❯ J-SOX ❯ HIPAA ❯ PCI ❯ GLBA ❯ ISO 9004:2009 ❯ ISO 19011:2011 ❯ SSAE 16 ❯ GS007 SAP ECC is the leading ERP system in the world with over 253,500* customers worldwide. It is a very complex application security design that requires a specialized skill set and tool to assess the strength and weaknesses of user access and the grass root level. 7 Compliances impacting User Access Controls Disclaimer: * Facts and Figures obtained from SAP.com ** SAP, R/3, mySAP, NetWeaver and ABAP are legal trademarks of the SAP AG, Walldorf.
About Us
EW Consultants Private Limited. Private & Confidential. EW Consultants Pvt. Ltd. We offer a wide range of services in four major domains i.e. People, Process, ERP Systems and IT Infrastructure. Our service offerings are classified into Risk Advisory, Consulting, Business Solutions and Training. Our Business Solutions division focuses on developing enterprise applications. We have a team of dedicated, experienced and highly qualified advisory professionals who have worked for ‘Fortune 500’ clients across countries including US, UK, Europe, APAC, UAE and India. Our team comprises of CA, MBA, CISA, ISO 9000 Auditor, Engineers and SAP Certified professionals. Our team comes from diverse Big4 backgrounds, bringing extensive delivery and project management experience for rendering risk advisory services. Along with SAP ECC system, our team has hand-on experiences working on leading audit tools such as SAP GRC Access Controls, Approva Bizright Access Controls, etc. We are supported by our team of domains experts and business partners bringing combined experience of over 500 man-years, to help us deliver best of our services. We are also fortunate in receiving guidance from our advisory board, a team of senior management executives such as CFO's, CIO's from various industries in India and globally. 9 About Us Risk Advisory Consulting Business Solutions Training
EW Consultants Private Limited. Private & Confidential. 10 About Us IT Infrastructure ERP System Process People We provide One-stop solution for all your business needs… Our Capabilities
Our Team
EW Consultants Private Limited. Private & Confidential. 12 Our Team – Gourav Ladha
About XsXprt
EW Consultants Private Limited. Private & Confidential. XsXprt TM , is an user access and compliance management tool designed to work with SAP ERP system. It acts as a decision support system that will allow you to timely identify and fix user access violations. XsXprt is designed to manage various internal and external compliances. It provides deeper insight of user access through its comprehensive reports and simulators. XsXprt bring to you the leading industry control practices, through the vast experience our experts from diversified sectors. Primary objectives: ❯ Identification of Segregation of Duties (SOD) violations and access to sensitive business functions ❯ Providing assurance to auditors on user access controls ❯ Building strong internal controls to prevent unauthorized access ❯ Actively monitoring usage of licenses and health check of users access ❯ Reducing cost of compliance and preparing for compliance audits such as SOX Leveraging our years of global experience in SAP Risk Advisory, focused on User access risk management and Segregation of duties controls, we bring to you an advanced automated solution for smartly managing user access controls in SAP. 14 Product Overview
EW Consultants Private Limited. Private & Confidential. ❯ Risk Management ❯ Quickly identify access risk such as super user access and SOD violations that may lead to do fraud or misreporting ❯ Compliance reporting ❯ Adhere to the current and future compliance requirements of the regulatory bodies, using our comprehensive reports ❯ Auditor Assurance ❯ Provide assurance to your internal and external auditors by providing real-time audit data per their requirements ❯ Business specific rules and matrices ❯ Design your own custom rule books from our huge repository of SOD rules and assess the state of your user access ❯ User access provisioning ❯ Be proactive and check possible ‘what-if’ violation scenarios using our dynamic simulators before assigning new authorizations ❯ License cost management ❯ Take control of your SAP user license utilizations to manage license cost and SAP license audits 15 Key Features
EW Consultants Private Limited. Private & Confidential. ❯ Rule enhancement ❯ Our innovation to automatically manage rules in the rulebooks with dynamically changing user access ❯ Dynamic workflow ❯ A comprehensive and customizable workflow with high security and email alerts to ensure approval process can be automated ❯ Statistical measures ❯ Statistically computed risk scores to help categorize the users in to groups per their risk levels ❯ Infographic dashboard ❯ Infographic view of the user access issues to provide a bird-eye view for the management to devise an action plan ❯ In-memory processing ❯ Built with in-memory capabilities to provide you faster processing and scalability (tested on data of 9000+ users) ❯ User-friendly design ❯ Interface designed to provide user comfort for any technical / functional user to work with ease 16 Value Added Features
EW Consultants Private Limited. Private & Confidential. Administrator: ❯ In-built rule-set repository to assist in evaluation of gaps ❯ Reduction in effort for managing user access and change request ❯ Get real-time state of user access and violations using smart reports ❯ High speed in-memory data processing to save time and optimized resource utilization ❯ SAP Certified Integration to ensure safety of data Management: ❯ Infographic dashboard and variety of reports to provide a bird-eye view of access to SAP ❯ Audit and compliance readiness ❯ Reduction in cost of compliance ❯ No need to spend on expensive IT infrastructure and implementation projects ❯ Improved assurance on user access controls Process Owners: ❯ Simplified process for requesting and reviewing access ❯ Take ownership of user access based on defined roles & responsibilities Auditors: ❯ Quick and accurate assessment of gaps using detailed reports ❯ Increased reliability on audit data as compared to traditional methods 17 Value Delivered
Annexure
EW Consultants Private Limited. Private & Confidential. Background: HDFC Standard Life Insurance Company Limited (HDFC Life) is one of the leading private life insurance companies in India. HDFC Life implemented SAP in December 2009 with over 1700 users. Challenges: Since the implementation of SAP at HDFC Life, they were facing challenges in managing their user access based on their roles and responsibilities: ❯ Continuously changing access requirements of the business users ❯ Extensive employee movements new joiners, transfers, terminations, etc. ❯ Managing change request w.r.t. 2000+ roles assigned to 1700+ users, in SAP ❯ Difficulty in maintaining segregation of duties and access to sensitive business transactions ❯ Pressure from management and external auditors to ensure user access compliance and many more…. Solution: ❯ Identifying gaps ❯ Suggesting solution for remediation ❯ Redesigning existing roles ❯ Realigning user access provisioning process 19 Case Study Result of the exercise: As a result of the project, their were visible improvements in the user access and process also got streamlined. However, managing this process manually was still a challenge. User access optimization exercise was able to provide them immediate resolution of issues, however managing user access in a long run required more then spreadsheets. To manage this activity on a continuous basis they required an automated solution. A tool that can help them perform preventive checks before granting access to users, based on this new SOD matrix. Implementation of XsXprt: Considering this challenge, we suggested them to leverage our user access and compliance management tool - ‘XsXprt’. XsXprt is an advanced tool capable of performing both what-if simulations and providing conflict reports within the SAP user access. It provides deeper insight of user access on a near real- time basis. It can help identify and remediate gaps affecting user access in SAP. How XsXprt helped: ❯ Reducing their overall time and effort in managing access ❯ Enabling daily check for possible SOD conflicts ❯ Acting on issues related to user access, licensing and overall health-check, using detailed report ❯ High speed data processing and silent data extraction using seamless integration with SAP
EW Consultants Private Limited. Private & Confidential. Software: ❯ Operating System: Windows Server 2008 onwards ❯ Database: Microsoft SQL Server 2008 R2 onwards ❯ IIS: Version 7.0 onwards ❯ ASP.Net Framework: version 4.0 onwards ❯ Xtract IS Hardware: ❯ Storage: 40-50 GB ❯ Memory: 6-8 GB RAM Deployment: ❯ Time required: 2-3 days ❯ Custom Rule-set development: 12-15 days (optional) 20 Application Perquisites
EW Consultants Private Limited. Private & Confidential. 21 XsXprt - Preview
Thank You. Gourav Ladha MBA, SAP Certified Director Mobile : +91-971-295-2955 Email: gourav.ladha@ewcindia.co.in www.ewcindia.co.in +91-79-65444107 G-402, Titanium City Centre, Anand Nagar 100 Feet Road, Satellite, Ahmedabad - 380015 EW Consultants Private Limited

Recomendados

SAP Identity Management Overview
SAP Identity Management OverviewSAP Identity Management Overview
SAP Identity Management OverviewSAP Technology
 
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online trainingSap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online traininggrconlinetraining
 
Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015
Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015 Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015
Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015 CA CISA Jayjit Biswas
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 
Sap grc-access-control-solution
Sap grc-access-control-solutionSap grc-access-control-solution
Sap grc-access-control-solutionAnywhere Gondodza SAP.GRC.FI.B.COM.ACC.HONS (MSU)
 
SAP grc
SAP grc SAP grc
SAP grc smadhu29
 
Profiling for SAP - Compliance Management, Access Control and Segregation of ...
Profiling for SAP - Compliance Management, Access Control and Segregation of ...Profiling for SAP - Compliance Management, Access Control and Segregation of ...
Profiling for SAP - Compliance Management, Access Control and Segregation of ...TransWare AG
 
Security & Segregation of Duties for PeopleSoft
Security & Segregation of Duties for PeopleSoftSecurity & Segregation of Duties for PeopleSoft
Security & Segregation of Duties for PeopleSoftSmart ERP Solutions, Inc.
 

Recomendados

SAP Identity Management Overview
SAP Identity Management OverviewSAP Identity Management Overview
SAP Identity Management OverviewSAP Technology
 
Sap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online trainingSap GRC Basic Information | GRC 12 online training
Sap GRC Basic Information | GRC 12 online traininggrconlinetraining
 
Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015
Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015 Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015
Segregation of duties in SAP @ ISACA Pune presentation on 18.4.2015 CA CISA Jayjit Biswas
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 
Sap grc-access-control-solution
Sap grc-access-control-solutionSap grc-access-control-solution
Sap grc-access-control-solutionAnywhere Gondodza SAP.GRC.FI.B.COM.ACC.HONS (MSU)
 
SAP grc
SAP grc SAP grc
SAP grc smadhu29
 
Profiling for SAP - Compliance Management, Access Control and Segregation of ...
Profiling for SAP - Compliance Management, Access Control and Segregation of ...Profiling for SAP - Compliance Management, Access Control and Segregation of ...
Profiling for SAP - Compliance Management, Access Control and Segregation of ...TransWare AG
 
Security & Segregation of Duties for PeopleSoft
Security & Segregation of Duties for PeopleSoftSecurity & Segregation of Duties for PeopleSoft
Security & Segregation of Duties for PeopleSoftSmart ERP Solutions, Inc.
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grchkodali
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introductionwardell henley
 
Identity and Entitlement Management Concepts
Identity and Entitlement Management Concepts Identity and Entitlement Management Concepts
Identity and Entitlement Management Concepts WSO2
 
IdM FinalVer
IdM FinalVerIdM FinalVer
IdM FinalVerKiril Anastasov
 
Automating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and FinancialsAutomating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and FinancialsSmart ERP Solutions, Inc.
 
CAS One-Sheet-IT
CAS One-Sheet-ITCAS One-Sheet-IT
CAS One-Sheet-ITMichael Davis
 
Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?C/D/H Technology Consultants
 
Entitlement and Access Manegement
Entitlement and Access ManegementEntitlement and Access Manegement
Entitlement and Access ManegementAxis Technology, LLC
 
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIBM Sverige
 
GLDNHRN ONEIT SDM
GLDNHRN ONEIT SDMGLDNHRN ONEIT SDM
GLDNHRN ONEIT SDMYalcin Gerek
 
People soft risks and controls for educational institutions
People soft risks and controls for educational institutionsPeople soft risks and controls for educational institutions
People soft risks and controls for educational institutionsSmart ERP Solutions, Inc.
 
Identity Management: Front and Center for Healthcare Providers
Identity Management: Front and Center for Healthcare ProvidersIdentity Management: Front and Center for Healthcare Providers
Identity Management: Front and Center for Healthcare ProvidersAndrew Ames
 
Resume-18-5-16
Resume-18-5-16Resume-18-5-16
Resume-18-5-16Anuj Kumar
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyNetwork Intelligence India
 
Entitlements Management Strategy-White Paper
Entitlements Management Strategy-White PaperEntitlements Management Strategy-White Paper
Entitlements Management Strategy-White PaperAxis Technology, LLC
 
ERP Security as a Service 2017
ERP Security as a Service 2017ERP Security as a Service 2017
ERP Security as a Service 2017Jane Jones
 
SAP Governance,Risk and Compliance
SAP Governance,Risk and ComplianceSAP Governance,Risk and Compliance
SAP Governance,Risk and ComplianceTLI GrowthSession
 
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070retheauditors
 
EW Consultants - Company Profile
EW Consultants - Company ProfileEW Consultants - Company Profile
EW Consultants - Company ProfileGourav Ladha
 
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle Apps
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle AppsSroaug October 27 2017 Learn to Streamline User Provisioning in Oracle Apps
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle AppsJane Jones
 
Gourav ladha - Profile
Gourav ladha - ProfileGourav ladha - Profile
Gourav ladha - ProfileGourav Ladha
 

Más contenido relacionado

La actualidad más candente

081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grchkodali
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introductionwardell henley
 
Identity and Entitlement Management Concepts
Identity and Entitlement Management Concepts Identity and Entitlement Management Concepts
Identity and Entitlement Management Concepts WSO2
 
Automating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and FinancialsAutomating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and FinancialsSmart ERP Solutions, Inc.
 
Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?C/D/H Technology Consultants
 
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIBM Sverige
 
People soft risks and controls for educational institutions
People soft risks and controls for educational institutionsPeople soft risks and controls for educational institutions
People soft risks and controls for educational institutionsSmart ERP Solutions, Inc.
 
Identity Management: Front and Center for Healthcare Providers
Identity Management: Front and Center for Healthcare ProvidersIdentity Management: Front and Center for Healthcare Providers
Identity Management: Front and Center for Healthcare ProvidersAndrew Ames
 
Resume-18-5-16
Resume-18-5-16Resume-18-5-16
Resume-18-5-16Anuj Kumar
 
Entitlements Management Strategy-White Paper
Entitlements Management Strategy-White PaperEntitlements Management Strategy-White Paper
Entitlements Management Strategy-White PaperAxis Technology, LLC
 
ERP Security as a Service 2017
ERP Security as a Service 2017ERP Security as a Service 2017
ERP Security as a Service 2017Jane Jones
 
SAP Governance,Risk and Compliance
SAP Governance,Risk and ComplianceSAP Governance,Risk and Compliance
SAP Governance,Risk and ComplianceTLI GrowthSession
 
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070retheauditors
 

La actualidad más candente (19)

Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access Management
 
081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc081712 isaca-atl-auditing sap-grc
081712 isaca-atl-auditing sap-grc
 
Iam suite introduction
Iam suite introductionIam suite introduction
Iam suite introduction
 
Identity and Entitlement Management Concepts
Identity and Entitlement Management Concepts Identity and Entitlement Management Concepts
Identity and Entitlement Management Concepts
 
IdM FinalVer
IdM FinalVerIdM FinalVer
IdM FinalVer
 
Automating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and FinancialsAutomating PeopleSoft Segregation of Duties: HCM and Financials
Automating PeopleSoft Segregation of Duties: HCM and Financials
 
CAS One-Sheet-IT
CAS One-Sheet-ITCAS One-Sheet-IT
CAS One-Sheet-IT
 
Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?Identity Management: What Solution is Right for You?
Identity Management: What Solution is Right for You?
 
Entitlement and Access Manegement
Entitlement and Access ManegementEntitlement and Access Manegement
Entitlement and Access Manegement
 
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen DeloitteIAM Methods 2.0 Presentation Michael Nielsen Deloitte
IAM Methods 2.0 Presentation Michael Nielsen Deloitte
 
GLDNHRN ONEIT SDM
GLDNHRN ONEIT SDMGLDNHRN ONEIT SDM
GLDNHRN ONEIT SDM
 
People soft risks and controls for educational institutions
People soft risks and controls for educational institutionsPeople soft risks and controls for educational institutions
People soft risks and controls for educational institutions
 
Identity Management: Front and Center for Healthcare Providers
Identity Management: Front and Center for Healthcare ProvidersIdentity Management: Front and Center for Healthcare Providers
Identity Management: Front and Center for Healthcare Providers
 
Resume-18-5-16
Resume-18-5-16Resume-18-5-16
Resume-18-5-16
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. Mookhey
 
Entitlements Management Strategy-White Paper
Entitlements Management Strategy-White PaperEntitlements Management Strategy-White Paper
Entitlements Management Strategy-White Paper
 
ERP Security as a Service 2017
ERP Security as a Service 2017ERP Security as a Service 2017
ERP Security as a Service 2017
 
SAP Governance,Risk and Compliance
SAP Governance,Risk and ComplianceSAP Governance,Risk and Compliance
SAP Governance,Risk and Compliance
 
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
SAS 70 in a Post-Sarbanes, SaaS World: Quest Session 52070
 

Similar a XsXprt, a User Access Compliance and License Management tool for SAP

EW Consultants - Company Profile
EW Consultants - Company ProfileEW Consultants - Company Profile
EW Consultants - Company ProfileGourav Ladha
 
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle Apps
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle AppsSroaug October 27 2017 Learn to Streamline User Provisioning in Oracle Apps
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle AppsJane Jones
 
Gourav ladha - Profile
Gourav ladha - ProfileGourav ladha - Profile
Gourav ladha - ProfileGourav Ladha
 
Sap risk advisory 2013
Sap risk advisory 2013Sap risk advisory 2013
Sap risk advisory 2013Nidhi Gupta
 
Sap risk advisory 2013
Sap risk advisory 2013Sap risk advisory 2013
Sap risk advisory 2013Nidhi Gupta
 
Stay Two Steps Ahead of Your Auditor
Stay Two Steps Ahead of Your Auditor Stay Two Steps Ahead of Your Auditor
Stay Two Steps Ahead of Your Auditoreprentise
 
18 May 2017 - Vuzion Love Cloud
18 May 2017 - Vuzion Love Cloud18 May 2017 - Vuzion Love Cloud
18 May 2017 - Vuzion Love CloudVuzion
 
Gain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls MonitoringGain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls MonitoringEmma Kelly
 
Symantec, Facebook and Navillus - a comprehensive approach to securing & moni...
Symantec, Facebook and Navillus - a comprehensive approach to securing & moni...Symantec, Facebook and Navillus - a comprehensive approach to securing & moni...
Symantec, Facebook and Navillus - a comprehensive approach to securing & moni...Oracle
 
About Rixyncs Inc Ver 1.0
About Rixyncs Inc Ver 1.0About Rixyncs Inc Ver 1.0
About Rixyncs Inc Ver 1.0skumar063
 
Accenture HR Audit and Compliance as-a-service_Classic_Discovery
Accenture HR Audit and Compliance as-a-service_Classic_DiscoveryAccenture HR Audit and Compliance as-a-service_Classic_Discovery
Accenture HR Audit and Compliance as-a-service_Classic_DiscoveryAccenture Software for HCM
 
The Evolution of the Enterprise Operating Model - Ryan Lockard
The Evolution of the Enterprise Operating Model - Ryan LockardThe Evolution of the Enterprise Operating Model - Ryan Lockard
The Evolution of the Enterprise Operating Model - Ryan Lockardagilemaine
 
Mann-India_SAP_Service-Offering_GRC
Mann-India_SAP_Service-Offering_GRCMann-India_SAP_Service-Offering_GRC
Mann-India_SAP_Service-Offering_GRCMann-India
 
Brochure Auditing Erp System V2
Brochure Auditing Erp System V2Brochure Auditing Erp System V2
Brochure Auditing Erp System V2agc infotech
 
webwheel technologies corporate profile
webwheel technologies corporate profilewebwheel technologies corporate profile
webwheel technologies corporate profileWebwheel Technologies
 

Similar a XsXprt, a User Access Compliance and License Management tool for SAP (20)

EW Consultants - Company Profile
EW Consultants - Company ProfileEW Consultants - Company Profile
EW Consultants - Company Profile
 
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle Apps
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle AppsSroaug October 27 2017 Learn to Streamline User Provisioning in Oracle Apps
Sroaug October 27 2017 Learn to Streamline User Provisioning in Oracle Apps
 
Gourav ladha - Profile
Gourav ladha - ProfileGourav ladha - Profile
Gourav ladha - Profile
 
Sap risk advisory 2013
Sap risk advisory 2013Sap risk advisory 2013
Sap risk advisory 2013
 
Sap risk advisory 2013
Sap risk advisory 2013Sap risk advisory 2013
Sap risk advisory 2013
 
Sap risk advisory 2013
Sap risk advisory 2013Sap risk advisory 2013
Sap risk advisory 2013
 
Stay Two Steps Ahead of Your Auditor
Stay Two Steps Ahead of Your Auditor Stay Two Steps Ahead of Your Auditor
Stay Two Steps Ahead of Your Auditor
 
SAP GRC
SAP GRC SAP GRC
SAP GRC
 
18 May 2017 - Vuzion Love Cloud
18 May 2017 - Vuzion Love Cloud18 May 2017 - Vuzion Love Cloud
18 May 2017 - Vuzion Love Cloud
 
Gain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls MonitoringGain business insight with Continuous Controls Monitoring
Gain business insight with Continuous Controls Monitoring
 
Symantec, Facebook and Navillus - a comprehensive approach to securing & moni...
Symantec, Facebook and Navillus - a comprehensive approach to securing & moni...Symantec, Facebook and Navillus - a comprehensive approach to securing & moni...
Symantec, Facebook and Navillus - a comprehensive approach to securing & moni...
 
About Rixyncs Inc Ver 1.0
About Rixyncs Inc Ver 1.0About Rixyncs Inc Ver 1.0
About Rixyncs Inc Ver 1.0
 
eRMS
eRMSeRMS
eRMS
 
Accenture HR Audit and Compliance as-a-service_Classic_Discovery
Accenture HR Audit and Compliance as-a-service_Classic_DiscoveryAccenture HR Audit and Compliance as-a-service_Classic_Discovery
Accenture HR Audit and Compliance as-a-service_Classic_Discovery
 
shravan
shravanshravan
shravan
 
GRC IMPRIVA
GRC IMPRIVAGRC IMPRIVA
GRC IMPRIVA
 
The Evolution of the Enterprise Operating Model - Ryan Lockard
The Evolution of the Enterprise Operating Model - Ryan LockardThe Evolution of the Enterprise Operating Model - Ryan Lockard
The Evolution of the Enterprise Operating Model - Ryan Lockard
 
Mann-India_SAP_Service-Offering_GRC
Mann-India_SAP_Service-Offering_GRCMann-India_SAP_Service-Offering_GRC
Mann-India_SAP_Service-Offering_GRC
 
Brochure Auditing Erp System V2
Brochure Auditing Erp System V2Brochure Auditing Erp System V2
Brochure Auditing Erp System V2
 
webwheel technologies corporate profile
webwheel technologies corporate profilewebwheel technologies corporate profile
webwheel technologies corporate profile
 

Último

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 

Último (20)

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 

XsXprt, a User Access Compliance and License Management tool for SAP

  • 2. EW Consultants Private Limited. Private & Confidential. Contents 2 ❯ Challenges with User Access in SAP ERP System X ❯ Need for Automated Access Controls tools X ❯ About Us X ❯ Our Team X ❯ About XsXprt X ❯ Product Overview X ❯ Key Features X ❯ Value Added Features X ❯ Value Delivered X ❯ Annexures X
  • 3. Challenges with User Access in SAP ERP System
  • 4. EW Consultants Private Limited. Private & Confidential. 4 Challenges with User Access in SAP ERP System ❯ Difficulty in identifying who (users) has what (access)? ❯ How to provide assurance to the auditors that user access controls are in place? ❯ SUIM report unable to provide holistic view of the segregation of duties (SOD) conflicts? ❯ How to ensure the security of data and prevent fraud from happening in SAP? ❯ How to ensure that users are getting authorizations based on their roles & responsibilities? ❯ How to check the addition or modification in authorizations will not lead to SOD Conflicts? ❯ Difficulty in managing access change requests and getting appropriate approvals for them? ❯ Are user licenses efficiently managed to save the company from paying penalties due to SAP EULA violations? ❯ SAP Administration team wasting productive time and effort in building reports every month/quarter
  • 5. Need for Automated Access Controls tools
  • 6. EW Consultants Private Limited. Private & Confidential. 2013 Sarbanes-Oxley Compliance Survey, conducted by Protiviti: 6 Need for Automated Access Controls tools ‘Are You Doing Enough to Prevent Access Risk and Fraud?’ A study on SAP Customers conducted by insiderPROFILES
  • 7. EW Consultants Private Limited. Private & Confidential. There are more than one reason that requires Managements of small, medium and large organizations to look for automation of user access controls. Below are some of the compliances, beside statutory audits, which requires assessment of user access controls on a periodic basis: ❯ Section 177(4)(vii) and 143(3)(i) of the Indian Companies Act 2013 ❯ Sarbanes Oxley (SOX) ❯ J-SOX ❯ HIPAA ❯ PCI ❯ GLBA ❯ ISO 9004:2009 ❯ ISO 19011:2011 ❯ SSAE 16 ❯ GS007 SAP ECC is the leading ERP system in the world with over 253,500* customers worldwide. It is a very complex application security design that requires a specialized skill set and tool to assess the strength and weaknesses of user access and the grass root level. 7 Compliances impacting User Access Controls Disclaimer: * Facts and Figures obtained from SAP.com ** SAP, R/3, mySAP, NetWeaver and ABAP are legal trademarks of the SAP AG, Walldorf.
  • 9. EW Consultants Private Limited. Private & Confidential. EW Consultants Pvt. Ltd. We offer a wide range of services in four major domains i.e. People, Process, ERP Systems and IT Infrastructure. Our service offerings are classified into Risk Advisory, Consulting, Business Solutions and Training. Our Business Solutions division focuses on developing enterprise applications. We have a team of dedicated, experienced and highly qualified advisory professionals who have worked for ‘Fortune 500’ clients across countries including US, UK, Europe, APAC, UAE and India. Our team comprises of CA, MBA, CISA, ISO 9000 Auditor, Engineers and SAP Certified professionals. Our team comes from diverse Big4 backgrounds, bringing extensive delivery and project management experience for rendering risk advisory services. Along with SAP ECC system, our team has hand-on experiences working on leading audit tools such as SAP GRC Access Controls, Approva Bizright Access Controls, etc. We are supported by our team of domains experts and business partners bringing combined experience of over 500 man-years, to help us deliver best of our services. We are also fortunate in receiving guidance from our advisory board, a team of senior management executives such as CFO's, CIO's from various industries in India and globally. 9 About Us Risk Advisory Consulting Business Solutions Training
  • 10. EW Consultants Private Limited. Private & Confidential. 10 About Us IT Infrastructure ERP System Process People We provide One-stop solution for all your business needs… Our Capabilities
  • 12. EW Consultants Private Limited. Private & Confidential. 12 Our Team – Gourav Ladha
  • 14. EW Consultants Private Limited. Private & Confidential. XsXprt TM , is an user access and compliance management tool designed to work with SAP ERP system. It acts as a decision support system that will allow you to timely identify and fix user access violations. XsXprt is designed to manage various internal and external compliances. It provides deeper insight of user access through its comprehensive reports and simulators. XsXprt bring to you the leading industry control practices, through the vast experience our experts from diversified sectors. Primary objectives: ❯ Identification of Segregation of Duties (SOD) violations and access to sensitive business functions ❯ Providing assurance to auditors on user access controls ❯ Building strong internal controls to prevent unauthorized access ❯ Actively monitoring usage of licenses and health check of users access ❯ Reducing cost of compliance and preparing for compliance audits such as SOX Leveraging our years of global experience in SAP Risk Advisory, focused on User access risk management and Segregation of duties controls, we bring to you an advanced automated solution for smartly managing user access controls in SAP. 14 Product Overview
  • 15. EW Consultants Private Limited. Private & Confidential. ❯ Risk Management ❯ Quickly identify access risk such as super user access and SOD violations that may lead to do fraud or misreporting ❯ Compliance reporting ❯ Adhere to the current and future compliance requirements of the regulatory bodies, using our comprehensive reports ❯ Auditor Assurance ❯ Provide assurance to your internal and external auditors by providing real-time audit data per their requirements ❯ Business specific rules and matrices ❯ Design your own custom rule books from our huge repository of SOD rules and assess the state of your user access ❯ User access provisioning ❯ Be proactive and check possible ‘what-if’ violation scenarios using our dynamic simulators before assigning new authorizations ❯ License cost management ❯ Take control of your SAP user license utilizations to manage license cost and SAP license audits 15 Key Features
  • 16. EW Consultants Private Limited. Private & Confidential. ❯ Rule enhancement ❯ Our innovation to automatically manage rules in the rulebooks with dynamically changing user access ❯ Dynamic workflow ❯ A comprehensive and customizable workflow with high security and email alerts to ensure approval process can be automated ❯ Statistical measures ❯ Statistically computed risk scores to help categorize the users in to groups per their risk levels ❯ Infographic dashboard ❯ Infographic view of the user access issues to provide a bird-eye view for the management to devise an action plan ❯ In-memory processing ❯ Built with in-memory capabilities to provide you faster processing and scalability (tested on data of 9000+ users) ❯ User-friendly design ❯ Interface designed to provide user comfort for any technical / functional user to work with ease 16 Value Added Features
  • 17. EW Consultants Private Limited. Private & Confidential. Administrator: ❯ In-built rule-set repository to assist in evaluation of gaps ❯ Reduction in effort for managing user access and change request ❯ Get real-time state of user access and violations using smart reports ❯ High speed in-memory data processing to save time and optimized resource utilization ❯ SAP Certified Integration to ensure safety of data Management: ❯ Infographic dashboard and variety of reports to provide a bird-eye view of access to SAP ❯ Audit and compliance readiness ❯ Reduction in cost of compliance ❯ No need to spend on expensive IT infrastructure and implementation projects ❯ Improved assurance on user access controls Process Owners: ❯ Simplified process for requesting and reviewing access ❯ Take ownership of user access based on defined roles & responsibilities Auditors: ❯ Quick and accurate assessment of gaps using detailed reports ❯ Increased reliability on audit data as compared to traditional methods 17 Value Delivered
  • 19. EW Consultants Private Limited. Private & Confidential. Background: HDFC Standard Life Insurance Company Limited (HDFC Life) is one of the leading private life insurance companies in India. HDFC Life implemented SAP in December 2009 with over 1700 users. Challenges: Since the implementation of SAP at HDFC Life, they were facing challenges in managing their user access based on their roles and responsibilities: ❯ Continuously changing access requirements of the business users ❯ Extensive employee movements new joiners, transfers, terminations, etc. ❯ Managing change request w.r.t. 2000+ roles assigned to 1700+ users, in SAP ❯ Difficulty in maintaining segregation of duties and access to sensitive business transactions ❯ Pressure from management and external auditors to ensure user access compliance and many more…. Solution: ❯ Identifying gaps ❯ Suggesting solution for remediation ❯ Redesigning existing roles ❯ Realigning user access provisioning process 19 Case Study Result of the exercise: As a result of the project, their were visible improvements in the user access and process also got streamlined. However, managing this process manually was still a challenge. User access optimization exercise was able to provide them immediate resolution of issues, however managing user access in a long run required more then spreadsheets. To manage this activity on a continuous basis they required an automated solution. A tool that can help them perform preventive checks before granting access to users, based on this new SOD matrix. Implementation of XsXprt: Considering this challenge, we suggested them to leverage our user access and compliance management tool - ‘XsXprt’. XsXprt is an advanced tool capable of performing both what-if simulations and providing conflict reports within the SAP user access. It provides deeper insight of user access on a near real- time basis. It can help identify and remediate gaps affecting user access in SAP. How XsXprt helped: ❯ Reducing their overall time and effort in managing access ❯ Enabling daily check for possible SOD conflicts ❯ Acting on issues related to user access, licensing and overall health-check, using detailed report ❯ High speed data processing and silent data extraction using seamless integration with SAP
  • 20. EW Consultants Private Limited. Private & Confidential. Software: ❯ Operating System: Windows Server 2008 onwards ❯ Database: Microsoft SQL Server 2008 R2 onwards ❯ IIS: Version 7.0 onwards ❯ ASP.Net Framework: version 4.0 onwards ❯ Xtract IS Hardware: ❯ Storage: 40-50 GB ❯ Memory: 6-8 GB RAM Deployment: ❯ Time required: 2-3 days ❯ Custom Rule-set development: 12-15 days (optional) 20 Application Perquisites
  • 21. EW Consultants Private Limited. Private & Confidential. 21 XsXprt - Preview
  • 22. Thank You. Gourav Ladha MBA, SAP Certified Director Mobile : +91-971-295-2955 Email: gourav.ladha@ewcindia.co.in www.ewcindia.co.in +91-79-65444107 G-402, Titanium City Centre, Anand Nagar 100 Feet Road, Satellite, Ahmedabad - 380015 EW Consultants Private Limited