Infosys: Treating Governance and Compliance Strategically with SAP Access Control



Similar documents
Minimize Access Risk and Prevent Fraud With SAP Access Control

GR5 Access Request. Process Diagram

R49 Using SAP Payment Engine for payment transactions. Process Diagram

Outperform Financial Objectives and Enable Regulatory Compliance

Business-Driven, Compliant Identity Management

SAP Customer Quote Program SAP MaxAttention Highlight Quotes

BPCL: Delivering New Functionality Faster and Reliably with SAP Software and SAP Enterprise Support

GSK Vaccines: Easing Compliance with SAP Process Control

Kennametal: Gaining Transparency in IT and Business with SAP Enterprise Support

Partner Certification to Operate SAP Solutions and SAP Software Environments

Power Smart Business Operations with Real-Time Process Intelligence

National Bank of Canada: Transforming the Mortgage Origination Process

KT Corp: Driving Innovation in Business Processes by Running the SAP ERP Application in the Cloud

Extend Business Scope and Improve Governance with SAP Content Management

Transnet Engineering: Driving Lean Six Sigma with SAP Portfolio and Project Management

Asian Paints: Touching Up Customer Service Efforts with SAP Mobile Platform

Bharat Petroleum: Fueling Real Estate Revenues with SAP Real Estate Management

Optimize Application Performance and Enhance the Customer Experience

Price and Revenue Management - Manual Price Changes. SAP Best Practices for Retail

Transform HR into a Best-Run Business Best People and Talent: Gain a Trusted Partner in the Business Transformation Services Group

Run SAP Risk Management in Utilities to Get Business Value Fast

Elevate Your Customer Engagement Strategy with Cloud Services

Increase the Efficiency and Value of Healthcare Contact Centers

Transform Audit Practices and Move Beyond Assurance

SAP Audit Management A Preview

Increase Business Velocity with Connected, Insightful, Cloud-Based Software

How To Make Your Software More Secure

Master Data Governance Find Out How SAP Business Suite powered by SAP HANA Delivers Business Value in Real Time

Receivables Management with SAP Software

Automate Complex Pay Rules While Streamlining Time and Attendance Management

ENN: SAP Access Control helps ENN to build Regular Role and Authority Risk Management Mechanism

SAP Overview Brochure. Confidence Powers Success. SAP Solutions for Governance, Risk, and Compliance.

Driving Excellence in Implementation and Beyond The Underlying Quality Principles

SAP Solution Manager: The IT Solution from SAP for IT Service Management and More

Enhance Customer Service with Integrated Scale Management Software from SAP

Vodafone: Cutting Labor Costs 30% Through Shared Service Centers and SAP Software

ABB: Independently Streamlining Its Organizational Setup with SAP Landscape Transformation

SAP: Investing in Your People is Investing in the Workforce of the Future

The Innovation-Driven Enterprise

Formulate Winning Sales and Operations Strategies Through Integrated Planning

FA7 - Time Management: Attendances/Absences/Overtime/Hajj Leave. Process Diagram

Keolis: Accelerating Recruitment with SAP Cloud for HR Solutions

The Security Development Lifecycle at SAP How SAP Builds Security into Software Products

Transform Your SAP Applications Landscape to Meet Changing Business Requirements

Multi Channel Sales Order Management: Mail Order. SAP Best Practices for Retail

Cyber Governance Preparing for the Inevitable Perimeter Breach

Interaction Center Sales & Marketing Detailed View

Petrojam: Boosting Operational Efficiency by Upgrading Its SAP ERP Application

Managing Expansion and Complexity in Growing Chemical Enterprises

Daikin: Gaining Global Sales, Inventory, and Margin Visibility with Data Visualization Software from SAP

Cepas Argentinas: Improving Business Intelligence with SAP Web Channel Experience Management

Discover, Cleanse, and Integrate Enterprise Data with SAP Data Services Software

Clariant: Optimizing Product Safety and Stewardship with SAP Software

Sync, Share, and Store Information Across Devices Effectively and Securely

Mercy: Maximizing the Value of Big Data and Analytics to Improve Patient Care

SAP Travel OnDemand Solution An Easier Way to Travel

Philips Respironics GK: Helping Customers Breath Easier with the SAP CRM Rapid-Deployment Solution

How To Use An Automotive Consulting Solution In Ansap

Introducing SAP s Landscape and Data Center Innovation Platform. Phil Jackson SAP Solution Engineer

Metropolitan Utilities District: Saving 12,000 Hours Annually Using SuccessFactors Solutions

How-To Guide SAP Cloud for Customer Document Version: How to replicate marketing attributes from SAP CRM to SAP Cloud for Customer

Transform Invoice Management with a Hybrid of Cloud and On-Premise Software

Resource Management for the Oil and Gas Industry

SEPA in SAP CRM. Application Innovation, CRM & Service Industries. Customer

Detect, Prevent, and Deter Fraud in Big Data Environments

Redefining Customer Analytics

Driving Transformation with Less Budget The Value of SAP Enterprise Support

Managing Mobile Devices in a Device-Agnostic World Finding and Enforcing a Policy That Makes Business Sense

Driving Customer Value leveraging SAP s strategy for the Internet of Things Internet of Things Technology Forum Frankfurt

Proactive Collections and Dispute Management with SAP Software

Information Technology Meets Operational Technology in the Internet of Things

Commonwealth Bank of Australia: Building Lasting, Real-Time Value for Customers

Improve Business Efficiency by Automating Intercompany Transactions

Making Every Project Business a Best-Run Business

EMC: Managing Data Growth with SAP HANA and the Near-Line Storage Capabilities of SAP IQ

Automotive Consulting Solution. CHEP - EDI- Container Data

Deutsche Postbank: Managing a Large-Scale Upgrade with SAP Software and Support

K75 SAP Payment Engine for Credit transfer (SWIFT & SEPA) Process Diagram

Data Integration using Integration Gateway. SAP Mobile Platform 3.0 SP02

How to Deliver a Coordinated Customer Experience across Every Channel

Visualization Starter Pack from SAP Overview Enabling Self-Service Data Exploration and Visualization

China Grand Auto: Partnering with SAP on a State-of-the-Art Platform for a Multibrand Dealer Group

Run SAP Risk Management for Enterprise Risks in Life Sciences for Fast Business Value

SAP ERP FINANCIALS ENABLING FINANCIAL EXCELLENCE. SAP Solution Overview SAP Business Suite

Accelerate Time to Value and Innovation Through Complete Contract Management

Measure Your Data and Achieve Information Governance Excellence

OTE Group: Going Mobile with SAP Enterprise Support

Improve Information Governance Through Clarity and Collaboration

How 21 st century Purchasing- and Finance organizations leverage Business Networks for automation and business collaboration

Start Anywhere and Go Everywhere with Cloud Services for HR

Simplify Complex Architectures and See the Potential Impact of New Technologies

Ignite Your Creative Ideas with Fast and Engaging Data Discovery

Enterprise Information Management Services Managing Your Company Data Along Its Lifecycle

SAP ERP OPERATIONS SOLUTION OVERVIEW

Arteria Technologies: Building Enterprise Mobile Apps That Extend SAP Business Suite

Streamline Processes and Gain Business Insights in the Cloud

Cost-Effective Data Management and a Simplified Data Warehouse

OSRAM: Driving Process Efficiency with SAP Master Data Governance

mysap ERP mysap ERP HUMAN CAPITAL MANAGEMENT

RheinEnergie: Real-Time Visibility for More Efficient and Smarter Energy Consumption

Transcription:

Infosys: Treating Governance and Compliance Strategically with SAP Access Control Stringent management of user access controls and the segregation of duties are becoming a strategic concern for businesses as regulations multiply and compliance becomes more challenging. To adopt best practices for governance and risk management, Infosys, a global IT services company based in India, implemented the SAP Access Control application.

Company Infosys Limited Headquarters Bangalore, India Industry Professional services IT service provider Products and Services Consulting, technology, and outsourcing services Employees 151,150 (as of March 31, 2012) Revenue INR 337.34 billion (US$6.99 billion) (as of March 31, 2012) Web Site www.infosys.com Business Transformation The company s top objectives Adopt an enterprise-wide view of governance and risk management practices for management and audit teams Achieve compliance for segregation-of-duties (SoD) governance and access control management Eliminate future SoD violations The resolution Integrated the SAP Access Control application with the company s SAP ERP application Assigned a multidisciplinary project team to perform implementation Customized the standard risks and rules set with specific requirements The key benefits Real-time monitoring and assessment facility to control user access and conflicts Robust fraud prevention and detection capabilities Minimized labor effort required to manage and report on governance and risk Read more The SAP Access Control application provides an enterprise-wide view to efficiently and effectively manage access controls and SoD conflicts in a large-scale company like Infosys. Shailesh Agarwal, Associate VP, Finance, Infosys Limited Top Benefits Achieved 80% Reduction in time to manage access control 100% Elimination of SoD violations 1 hour Preparation to run reports (down from 1 week) See more metrics 2 / 6

Pursuing enterprise-wide excellence in corporate governance Infosys Limited is one of the largest technology services companies in India. As a global leader in strategic business consulting, technology, engineering, and outsourcing services, Infosys helps clients leverage technology to create impactful and measurable commercial results and extract business value from every IT investment. In its 64 offices and 63 development centers around the world, the firm employs 150,000 people and specializes in defining, designing, and delivering technology-enabled business solutions for Global 2000 companies. Infosys benefits from an SAP ERP application backbone and from SAP MaxAttention support delivered by the SAP Active Global Support (SAP AGS) organization. With a stated vision to become a globally respected corporation and a mission to build an enterprise prepared for tomorrow, the executive team at Infosys prioritized the need to embrace robust corporate governance and implement vigorous risk management practices. They viewed compliance with regulatory obligations not as a cost to the business but as something that drives competitive advantage and business performance. Business risks and regulatory requirements continue to multiply, comments Shailesh Agarwal, associate vice president of finance at Infosys. As these issues become increasingly complex to manage, it was clear that we needed to pursue a systematic and efficient way of handling governance, risk, and compliance across the enterprise. We needed to move from a siloed compliance structure to an integrated and transparent risk and compliance framework. This approach would help us mitigate risk as well as drive value for the business, while minimizing complexity for managers. 3 / 6

Controlling business risk with SAP software As part of Infosys risk management initiative, the management team endorsed the need for investment in compliance, internal audit, risk management, and corporate governance disciplines. To gain a transparent view of governance, risk, and compliance practices across the entire business, Infosys integrated the SAP Access Control application with the existing SAP ERP application backbone. A multidisciplinary team was assembled to identify enterprise segregation-of-duties (SoD) risks, including business process owners as well as individuals from enterprise audit, IT, and enterprise risk management. The team analyzed risks from a number of business units against the end-to-end business processes, the responsibility of users involved in the business operations, and a standard SoD rule set provided by the SAP software, explains Gopalakrishnan Ganesh, vice president and group head of Information Systems at Infosys. After several rounds of iteration, the team identified enterprise SoD risks and clearly categorized them based on the business impact. The team then set about reviewing and revoking access permissions that had not been used for more than six months, continues Ganesh. We removed unnecessary access before remapping access permission to the area of responsibility. Through SAP Access Control, the team mapped out governance policies for role management, and SoD risk analysis was performed before roles were released to the test and production environment. This eliminated the ability to create roles that resulted in SoD violations. As part of role harmonization, the team applied a standard naming convention and compliant user provisioning for the technical roles across SAP software. 4 / 6

World-class corporate governance With SAP Access Control up and running, Infosys has successfully embedded compliance into its core business processes. The new software has effectively transformed the assignment and governance of user permissions from a manual process using e-mail, spreadsheets, and telephone calls. Now automated and real-time monitoring of access permissions and conflicts in the system allow for early detection of potential risks and proactive prevention of SoD conflicts. In fact, the organization has reduced the human effort associated with user access provisioning and deprovisioning by 80% and has entirely eliminated SoD violations. By implementing SAP Access Control across the Infosys landscape, we have reduced the cost of risk and are benefiting from a systematic, organized, and efficient approach to operational compliance, says Acham Naidu, technology solution architect for SAP Security and GRC and IDM expert at Infosys. Key benefits 80% Reduction in time to manage access control 100% Elimination of SoD violations 1 hour Preparation to run reports (down from 1 week) 5 / 6

Infosys Integrating more governance, risk, and compliance processes Effective segregation of duties and access control over key information is a prerequisite for sound corporate governance. As Infosys benefits from sound internal controls with tighter fraud prevention and detection across SAP applications, the company is planning to extend this robust corporate governance across non-sap applications. The company is also looking to reinforce its process controls. We re planning to implement the SAP Process Control application, says Naidu. This will help us gain better visibility into key business processes and ensure a high level of reliability in financial reporting. In addition, we want to integrate the SAP Risk Management application to give us a risk-adjusted view of enterprise performance. Together these software applications will help us further optimize efficiency, increase effectiveness, and maximize visibility across all risk initiatives. CMP22798 (12/12) 6 / 6

2012 SAP AG. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. National product specifi cations may vary. These materials are provided by SAP AG and its affi liated companies ( SAP Group ) for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries. Please see http://www.sap.com/corporate-en/legal/copyright/index.epx#trademark for additional trademark information and notices.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information