Looking to

Automate

Your Access

Controls? Case Study: Global Security Corporation

Learn how other companies are eliminatingSoD conflicts and soaring through their

internal audits

CHEMICAL

How PeroxyChem nearlyeliminated SoD conflicts

with Access Analyzer

SECURITYHow a fortune 500 global

security company reducedSoD Auditing by 700+ hours

COSMETICS

How a global cosmeticscompany met increased

audit requirementsduring an SAP GRC

install.

"To date, we've been able to reduce our criticalSegregation of Duties (SoD) conflicts by over80% and our high SoD conflicts by over 60%.We've also been able to formally document

our mitigating controls within the tool, which isbeing relied upon by our external auditors."

- SR. MANAGER INTERNAL CONTROLS & POLICIESGLOBAL SECURITY SYSTEMS CORPORATION

Case Study 2: Security Firm

T H EC O M P A N Y

G l o b a l S e c u r i t y F i r m

A global security and assetprotection organization with nearly200 offices throughout NorthAmerica. They help companiesprotect their employees,customers, facilities, andoperations from internal andexternal threats. Providing safetywhich allows businesses to worksmarter through enhancedsecurity management andinformation managementsolutions.

T H EP R O B L E M

Prior to using ERP Maestro, theyutilized a team of compliancepersonnel to manually validate SoDand user access concerns. Thisapproach was intensively manual,prone to human error, slow, did notcover the full scope of potential risk,and rarely relied on by externalaudit. Most importantly, it wasnot continuous. This manualapproach was costing themapproximately $120,000 and640 hours of internal resource timeper SAP instance and audit cycle.

CHALLENGES

There was the cost of management’stime to coordinate and reviewthe manual process as well as theincremental cost of external auditorsto validate and retest the systems.Passing access security audits became an annual gamble for theorganization because of thisapproach, resulting in significantmanual testing by external auditorsdue to their inability to rely on thisorganizations selective manualevaluations and testing.

One of their top requirementswas the ability to provide afast implementation to meetaudit deadlines. However, thesolutions considered were allabove $400,000 in cost($200,000 licensing with anadditional $200,000implementation andconfiguration cost onaverage). Further, the averageproposed implementationtime was about four to sixmonths.

Manual Processes Opportunity Cost Budget

T H ES O L U T I O N

Solution

With ERP Maestro this organization found asolution that was not only cost-effectivebut also enabled them to achieve theirgoals of efficiency, effectiveness, andagility. Access Analyzer was implementedin a couple of hours as a monthlysubscription. Alternate solutions offeredsimilar savings over doing it manually, butdue to their high cost, required operatingfor a couple of years to see any ROI. ERPMaestro’s low-cost subscription model, incontrast, was a significant and immediatesavings of at least $352,800 in year one.The ERP Maestro solution was able to meettheir timelines and achieve access controlautomation. The organization was pleased,as they were then able to use theremaining budget to start addressing theremediation of identified access issues.

Simple, Quick andAffordable

T H ER E S U L T S

THE ERP MAESTROSUBSCRIPTION,WAS ANIMMEDIATE AND DIRECTSAVINGS

OF 61% ON TOP OFWHAT THEYWERE ALREADYSPENDING BY DOINGIT MANUALLY.

In 1 hour, ERP Maestro completes what used to take 732 hours before when theyperformed it manually. Manual processes were costing approximately $121,200 per year. They recognizedimmediate as well as ongoing annual savings of $74,000 after replacing theirmanual effort with ERP Maestro's Access Analyzer.Savings in external audit who used to do all the access control testing themselves is$50,000 a year.Through ERP Maestro’s SaaS deployment model, there was no additional cost inhardware as well as time installing hardware in this organization’s datacenter, aswell as no cost in the ongoing maintenance and upkeep. The first year savings isbelieved to be in the area of $50,000 for hardware and maintenance alone.The organization sees further value moving forward as the SaaS model means theyare continuously upgraded to the latest release and do not have to undertake thecost of an upgrade project every three to five years.

Using ERP Maestro, this organization has been able to identify both quantitative (hard objective facts and figures)and qualitative (soft subjective opinions and experience) measures of value as they pertain to the effectiveness ofaccess management that they have benefited from.

W A N T T OL E A R N M O R E ?

http://www.erpmaestro.com/resources/case-studies