|
|
|
|
|
|
For all organizations seeking adequate governance (either related to a SOX certification or not), a proper Segregation of Duties (SOD) validation is critical. To protect the integrity of the companies’ data & transactions and to prevent fraud, the SOD validation (from a systems perspective) requires to review on a regular basis individuals’ access authorizations. For organizations with hundreds/thousands of employees and various corporate applications, this task is time consuming and require significant resources. In most case, it simply cannot be done manually. To address this need, EZ-Compliance provides an automated SOD scan. Not only does it provides precisely who is able to access what across diverse applications, it also uses dynamic SOD Conflicts Rules to automatically identify SOD Conflicts, and this within only minutes. Finally, the combination of simulation capabilities and the fact that the scan can be performed/scheduled on a daily basis enables your organizations to implement true "Preventive SOD Controls".
For Baan customers:
Did you know that any employee having access to the sessions
tccom2101m000 [Maintain Suppliers] and tcmcs0108m000 [Currency
Rates] constitutes a SOD conflict, therefore creating a Business Risk for
your organization. The same goes for the sessions tdpur4101m000 [Maintain
Purchase Orders] and ticpr2220m000 [Update Cost Prices]. In fact,
hundreds of Baan sessions are to be validated against each other to
perform a complete SOD validation. To help with this significant task,
DynaFlow provides its customers with two critical components:
1- A pre-defined library of conflicting Baan sessions: This library, including more than 450 "sensitive" Baan sessions, lists SOD Conflicts existing between them. This knowledge base component provides tremendous value both for organizations that are starting with SOD and desire a quick SOD start and also for organizations that wish to validate their current SOD rules with an external library (used by other organizations that successfully passed their SOX certification).
<<
Show me a subset of the Baan SOD Conflict Rules
Library >>
2- An automated SOD Conflicts Scan Engine: Acting in a similar manner than a virus scan program, the EZ-Compliance SOD Scan Engine is able to "scan" your entire Baan users authorizations (from Tools or DEM) and identify automatically all SOD conflicts. Not only does it provide within minutes a clear list of authorizations to review/resolve, it also is powerful tool to convince internal & external auditors that your SOD validation is done thoroughly (all employees and all sessions). As you can perform a new scan as often as you change employee access/roles, your SOD validation is always under control. Furthermore, the Business Risk related to SOD can be minimize even further by the capability of this scan engine to also identify conflicts between Baan and any other applications used within your organization.
SPECIAL OFFER FOR BAAN CUSTOMERS
Show me my own SOD conflicts:
DynaFlow will scan your Baan users-sessions authorizations and provide you with a list of SOD conflicts identified by the EZ-Compliance scan.
Try it, its free.
To request
information about EZ-Compliance and the predefined BAAN SOD Conflict Rules Library,
click here