REMEDYNE integration with SAP GRC tools, SAP GRC Access Control and SAP GRC Process Control, can close the gap of residual access and other risks.
Access risks such as in the SAP GRC Access Control SOD matrix can be avoided in some cases by changing SAP authorization roles, or assigning different roles to users when re-organizing work and processes. But in many cases, organizations cannot avoid to grant high risk combinations of authorizations to users, simply because there are not enough users. In that case, you find residual risks in SAP GRC Access Control and you accept them.
REMEDYNE’s Access Violation Management allows you to set up controls for residual risks that you have in SAP GRC, and monitor all activities related to them. You then can review activities and have a compensating controls for those risks.
Other business/transactional risks can also be mitigated by automated continuous monitoring, with the option to add auto-reaction methods (such as blocking a vendor or a invoice, for instance). Like this REMEDYNE covers IT and business risks and delivers actionable alerts.
Organizations that use SAP GRC Process Controls can integrate REMEDYNE with a simple to set up SAP QUERY and assign REMEDYNE transaction monitoring alerts to SAP GRC PC risks and risk owners via the risk-control-matrix, making use of type of REMEDYNE control, organizational unit/company code, etc.
Integration with SAP GRC tools and REMEDYNE’s Access Violation Management and transaction monitoring close the gap between SAP GRC Access Control and SAP GRC Process Control.