ControlPanelGRC Risk Analyzer
ControlPanelGRC Risk AnalyzerControlPanelGRC Risk Analyzer is the solution for managing segregation of duties and sensitive authorization risks in real-time. Risk Analyzer provides valuable information to assist in audit clean-up and then maintains compliance with ongoing risk analysis, modeling, documentation of mitigating controls, and monitoring with documented review.Easily Extensible RulebooksThe delivered Risk Analyzer Rulebooks contain a core set of the most frequently used sensitive authorization and segregation of duty rules common to all industries. The Rulebooks are extensible and can easily be customized to meet business process or auditor requirements. Risk Analyzer defines risks as conflicting functions and provides a detailed, plain English description. A high level of granularity is available to define risks both by authorization and at the transaction level. ControlPanelGRC Risk Analyzer incorporates a timesaving ABAP based tool that enables quick and easy importing and comparison of new rules. Periodic Rulebook updates are freely available to license holders. Analyze with EaseHistorically an initial security audit clean up would cost the team a week or more of painstaking work running individual queries in SUIM. ControlPanelGRC Risk Analyzer’s integrated reporting functions significantly reduce the burden of work, making analysis and remediation of risks a breeze. ControlPanelGRC utilizes a function-based approach to defining and analyzing risks rather than a segregation of duties matrix. This approach reduces the amount of redundant information contained in reports, making them faster to run and easier to understand. A function represents a grouping of transactions and authorizations related to the execution of a set of tasks. In this case, the transactions ME21N, ME22N, etc., and the authorization to create or change purchasing documents (M_BEST_BSA) would represent the function for purchase order maintenance. ControlPanelGRC Risk Analyzer is the solution for managing segregation of duties and sensitive authorization risks in real-time. Risk Analyzer provides valuable information to assist in audit clean-up and then maintains compliance with ongoing risk analysis, modeling, documentation of mitigating controls, and monitoring with documented review. Risk Analyzer reports on role risk analysis, user risk analysis, mitigating controls (and related assignments), and sensitive role and profile analysis. Integration with ControlPanelGRC Usage Analyzer enables an in-depth review of executed risks and provides details on which transactions were executed and when, as well as change documents and statistical usage data. Remediate or Assign Mitigating Controls DirectlyRisk Analyzer reports provide all the necessary information necessary to make judgments on appropriate remediation or mitigation options. Drill-downs provide details of the risk, risk description, risk severity, conflicting functions, authorization object details and direct access to the user’s master records in SU01. In-module integration with ControlPanelGRC Usage Analyzer provides information on the last time the transactions were run. Immediate action can be taken to remediate or mitigate directly within the Risk Analyzer interface. ModelA “what-if” modeling analysis assists in identifying potential risks when new roles are assigned to users, new transactions are assigned to roles or new authorizations are assigned to roles or users. MonitorControPanelGRC Risk Analyzer’s monitoring functionality helps to enforce ongoing compliance by setting in place a process to automatically generate critical reports or conflicting transaction execution notifications, route them for review and maintain a documented audit trail. Automated notifications of executed risks and mitigating control executions can be routed for review direct to the relevant staff member. Integration with ControlPanelGRC AutoAuditor enables routing of periodic batch jobs such as a weekly review of unmitigated sensitive roles and profiles; a quarterly review of mitigating control assignments; or monthly risk analysis reports routed plant controllers or HR for review. For more information, or to schedule a demonstration, contact Symmetry today. |
EMAIL UPDATES
Sign up now for Symmetry's email updates
Related Links
Security Managed ServicesSecurity Consulting
ControlPanelGRC
ControlPanelGRC User and Role Manager
ControlPanelGRC Usage Analyzer including License Optimizer
ControlPanelGRC Transport Manager
ControlPanelGRC Emergency Access Manager
ControlPanelGRC AutoAuditor