Midmarket companies face very similar SAP GRC risk mitigation and compliance requirements as larger enterprises. If your company is publicly traded, you have to follow SOX just like a large enterprise, with severe civil and criminal liabilities for noncompliance. If […]
SAP GRC shouldn’t feel like an ongoing strategic challenge. With the right SAP Governance, Risk and Compliance software, passing audits should be a given, and remediating SOD conflicts should be pretty routine. If you’re struggling to keep up, it’s time […]
On the surface, segregation of duties remediation is simple. First, you compile a list of SOD conflicts from SOX and other applicable compliance regimes, and select the ones that are relevant to your company. Then, you compare that list to […]
Cloud compliance requires control and visibility. The control allows companies to achieve compliance objectives and mitigate risks by remediating SOD conflicts and ensuring the accuracy of records. To do that, however, organizations also need the visibility to be able to […]
Because 21 CFR Part 11 compliance focuses on data accuracy and authentication, life sciences organizations sometimes underestimate its complexity. Superficially, it does seem simple. After all, the goal is just to make sure electronic records are up to FDA standards […]
Imagine you process orders for a company that uses no automation. When customers call to order, you enter their orders in a primitive spreadsheet, tally totals with a calculator, contact the shipping department and credit card processor to authorize the […]
GRC software might have many features, but it really has two main functions: controlling risk and simplifying compliance. These functions are completely interdependent in SAP GRC solutions. A software suite can look powerful on paper, but fail to provide good […]
Mitigating controls are a great way to reduce SOD conflict risks. Still, if you are not careful, you can mitigate yourself out of compliance. It’s not enough to assign a compensating control to a risk and call it a day. […]
In firefighting, users are given a higher level of access in SAP, either to fix something or perform a task that goes outside their normal duties. Normally, SAP user provisioning and role management restricts users to their job tasks. If […]
It’s easy to think of your SAP auditor as the bad guy. An SAP security audit can feel like just another battle in an endless war against an unbeatable opponent. From documentation issues to Segregation of Duties (SOD) conflicts, to […]
