Rückgabe

19 July 2019

SAP – Swiss public transport operator

Security

Use case SAP transport SERIAL

Company Description

The client ​operates trams, trolleybuses and buses for the Canton of Geneva and also serves some regions in neighboring France. ​Vehicles in circulation carry about 200 million passengers each year.

Business Challenges

The transporter wanted to take advantage of the migration from SAP R3 to SAP ECC6, to perform a full review and redefinition of their SAP composite and simple roles.

The client has previously worked with an integrator to ​define a theoretical model of their SAP roles and they needed to ensure that this new model allows the users to perform their work without “segregation of duties violations”  (SOD) issues.

Our solution

We ​used Brainwave iGRC to carry out an audit of the SAP system. 

This audit consisted in retrieving current usage of SAP transactions and associate modeling of composite and simple roles. The transactions usage was aggregated for the last 14 months to clearly identify  what users used the most. ​

Then  simulations were performed with Brainwave iGRC to check  the capabilities to use these transactions each time a new theoretical model was defined. ​

Decision  matrix were published in Brainwave iGRC portal to present the simulation results to help Deloitte to conduct business change management workshops and define the appropriate role theoretical model. ​Additionally  SOD controls proposed by another integrator were integrated in Brainwave iGRC to check SOD violations issues in the model and in the actual role affectation to end users.

Duration

This project has been led for 4 months.

Profiles

The project was led by a team including:

  • ​1 Expert Brainwave iGRC

Technologies

  • Brainwave iGRC
  • Datastage
  • SAP

Artikel in der gleichen Kategorie

carre1 carre2 circle1 circle2 circle3 triangle1 triangle2 triangle3