SAP GRC Risk Mitigation For Midmarket Companies
SAP GRC Risk Mitigation For Midmarket Companies

Midmarket companies face very similar SAP GRC risk mitigation and compliance requirements as larger enterprises. If your company is publicly traded, you have to follow SOX just like a large enterprise, with severe civil and criminal liabilities for noncompliance. If […]

SAP Security: From Impossible to Routine
SAP Security: From Impossible to Routine

Confusing terminology isn’t exactly uncommon in the SAP world, but the term “SAP security” sounds pretty straightforward. Outsiders often either assume it covers all the threats against your SAP system, or that it focuses on defeating outsider threats, such as […]

What is Segregation of Duties?
What is Segregation of Duties?

Separation or segregation of duties is a set of policies and controls to reduce risk and meet compliance goals by dividing key processes between multiple workers. SoD controls prevent specific combinations of roles that could facilitate fraud or embezzlement — […]

SAP<sup>®</sup> GRC Software: 3 Challenges
SAP® GRC Software: 3 Challenges

SAP GRC shouldn’t feel like an ongoing strategic challenge. With the right SAP Governance, Risk and Compliance software, passing audits should be a given, and remediating SOD conflicts should be pretty routine. If you’re struggling to keep up, it’s time […]

SAP<sup>®</sup> Segregation of Duties Remediation Made Easy
SAP® Segregation of Duties Remediation Made Easy

On the surface, segregation of duties remediation is simple. First, you compile a list of SOD conflicts from SOX and other applicable compliance regimes, and select the ones that are relevant to your company. Then, you compare that list to […]

Access Control for SAP<sup>®</sup> Environments as a Service
Access Control for SAP® Environments as a Service

Almost everyone struggles with SAP GRC these days. Many companies use outdated, document-centric review processes. They work for months just to compile audit reports, and by the time they remediate their SAP access controls, it’s time to start the whole […]

Too Many Clouds Can Cloud Compliance
Too Many Clouds Can Cloud Compliance

Cloud compliance requires control and visibility. The control allows companies to achieve compliance objectives and mitigate risks by remediating SOD conflicts and ensuring the accuracy of records. To do that, however, organizations also need the visibility to be able to […]

21 CFR Part 11 Compliance For Life Sciences
21 CFR Part 11 Compliance For Life Sciences

Because 21 CFR Part 11 compliance focuses on data accuracy and authentication, life sciences organizations sometimes underestimate its complexity. Superficially, it does seem simple. After all, the goal is just to make sure electronic records are up to FDA standards […]

3 Reasons to Choose ControlPanelGRC As Your SAP GRC Solution
3 Reasons to Choose ControlPanelGRC As Your SAP GRC Solution

GRC software might have many features, but it really has two main functions: controlling risk and simplifying compliance. These functions are completely interdependent in SAP GRC solutions. A software suite can look powerful on paper, but fail to provide good […]

It Can’t Happen — the Risks of a Data Security Breach
It Can’t Happen — the Risks of a Data Security Breach

If your entire company’s value were converted into cash, and stored in a warehouse, how would you go about protecting it? You’d probably start with physical security — a reinforced structure, razor wire, and a secure entryway to prevent unauthorized […]

About Scott Goolik - VP, Compliance and Security Services

Scott Goolik is VP of Compliance and Security Services at Symmetry. A recognized expert in the field of SAP security and compliance, Scott has over 20 years of expertise in SAP security and is a regular presenter at SAP industry tradeshows and ASUG events. His experience includes working for one of the Big Four accounting firms and developing auditing tools, including those for segregation of duties (SOD). Scott is also responsible for architecting the ControlPanelGRC® solution which provides audit automation and acceleration of security and control processes.

1 2 3 4