In today’s fast-paced business environment, ensuring the security and compliance of enterprise systems is of paramount importance. Markem-Imaje, a leading manufacturer of product identification and traceability solutions, faced significant challenges in managing access rights and segregation of duties in their SAP system. High-risk audit findings and manual controls were becoming a burden, prompting them to seek a solution that would streamline their user management processes and mitigate risks. In this video, we explore Markem-Imaje’s journey and how they successfully implemented SAP GRC and Authorization solutions with ArtimIS.
- Understanding the Challenges: Markem-Imaje had been encountering high-risk audit findings related to access rights and segregation of duties for five consecutive years. The lack of a clear view of access requirements per department or job function, combined with IT-focused role names, led to confusion and manual replication of access rights. This resulted in increased segregation of duties issues and unnecessary granting of additional access.
- The Response: SAP GRC AC: Discovering SAP GRC Access Control (AC) was a turning point for Markem-Imaje. They recognized the tool’s potential to address their main challenge of granting access with segregation of duties conflicts. SAP GRC AC provided preventive controls to reduce SOD conflicts and helped create an authorization matrix that was user-focused, simplifying the process of determining the required roles based on the current role.
- The SoDa Project: Milestones and Objectives: Markem-Imaje collaborated with ArtimIS on the SoDa (SOD Authorization) project, which aimed to achieve several key objectives:
- Defining an accurate authorization and SOD matrix to understand user accesses and identify preventive SOD conflicts.
- Establishing a robust user management access process with appropriate levels of approvals, promoting access rights awareness and compliance with SOX requirements.
- Implementing regular user access reviews with a risk-based approach.
- Creating a replicable and adaptable model to accommodate organizational changes.
- Results and Innovations: The SoDa project yielded significant achievements for Markem-Imaje:
- Increased access and SOD awareness within the business, ensuring responsible access requests.
- Up-to-date dashboards to monitor and justify SOD risks.
- An authorization model that supports organizational changes, facilitating integration of acquired or merged companies.
- Implementation of virtual support through an internal chatbot within MS Teams, offering user management assistance and process guidance.
- Reduced manual controls and mitigation of SOD conflicts.
Markem-Imaje’s experience with SAP GRC and Authorization solutions demonstrates the power of proactive measures in streamlining user management and mitigating risks associated with access rights and segregation of duties. By collaborating with ArtimIS, they successfully transformed their access control processes, leading to improved compliance, increased awareness, and optimized efficiency.
Watch the video to gain valuable insights from Markem-Imaje’s journey toward a more secure and compliant SAP environment.