ERP Maestro Announces First Segregation of Duties (SoD) Auditing-as-a-Service to Simplify SOX Compliance and Reduce Fraud

Share Article

Online subscription service from ERP Maestro slashes SAP SoD auditing time from 500+ man-hours to just one hour and costs 70% less than on-premise software.

Segregation of Duties

ERP Maestro Segregation of Duties

According to an independent survey by OCEG of 441 audit, security, risk and compliance managers, a typical corporation spends 500 man-hours each year performing SoD and sensitive access audits.

Addressing the rise in fraud and the high costs of security audits, ERP Maestro® announced today an online subscription-based Segregation of Duties (SoD) auditing service that eliminates the hundreds of man-hours involved in the compliance reporting process for a typical corporation using SAP®, while dramatically reducing fraud abuse. ERP Maestro also announced the availability of a free trial that analyzes an organization’s entire user base.

Accounting fraud at U.S. organizations in 2014 more than doubled from 2011 levels and, increasingly, the reported scandals are related to lack of SoD and user access controls in Enterprise Resource Planning (ERP) systems such as SAP. A software firm, a state hospital and even a major grocer have seen the effects of such incidents recently including SEC charges, SOX “clawback” provisions for executives and billions wiped from the company’s stock market value.

ERP Maestro’s SoD Auditing-as-a-Service transforms SoD auditing for SAP, enabling internal audit managers, security officers and systems analysts to:

  •     Produce fully defendable SoD reports in minutes, not hundreds of hours
  •     Gain continuous fraud protection with 24/7 monitoring
  •     Spend 70% less than traditional on-premise SoD software
  •     Stop and start the monthly subscription service at any time

“Zero to 60”
According to an independent survey by OCEG of 441 audit, security, risk and compliance managers, a typical corporation spends 500 man-hours each year performing SoD and sensitive access audits. Most significantly, the survey reveals that only 17% of organizations are monitoring for SoD-related fraud on a continuous basis (OCEG One-Minute Poll, Access Control, 9/14, http://www.oceg.org).

“It is impossible to perform SoD audits manually with any accuracy, let alone continuously monitor for access conflicts that can lead to fraud activity,” said the senior business systems analyst for a leading manufacturer of power transmission and water management products. “With ERP Maestro we were able to go from ‘zero to 60’ in hours rather than months and with drastically lower initial capital outlay.”

Upon signing up for a subscription plan with ERP Maestro, a client can jump-start their journey to automating SoD auditing in under an hour with no upfront commitment and no IT implementation. Not only does this approach accelerate time to remediation and compliance, but it also opens the door to continuous monitoring as part of a broader enterprise GRC program.

The Need for Automation
Seventy-seven percent of companies still conduct their SoD audits manually, according to the OCEG survey. Industry analysts have long argued for the benefits of automation. This manual process of using spreadsheets and email is highly inefficient and not scalable, slowing down the business, introducing human errors and greater exposure to risk and non-compliance. Meanwhile, industry adoption of automation is impeded by the high cost of commercially supported software, which can be as high as $400,000 for the first year and take four to six months of consulting resources and time to implement.

“ERP Maestro’s SoD Auditing-as-a-Service is a fresh and simple approach that will accelerate the market shift toward automation,” said Michael Rasmussen, Chief GRC Pundit at analyst firm GRC 20/20. “The value could be tremendous for organizations: in terms of efficiencies with dollar and time savings from months to minutes and reduction in external audit fees by consultants; in terms of effectiveness such as more audits getting done, reduction in issues and faster intelligence to the business; and in terms of agility to report on-demand and adapt to changing business environment and employees changing roles.”

“The cost of doing nothing is too high. We are looking to address these fundamental barriers with a game changing approach, just as cloud models such as salesforce.com or basecamp.com have done for their respective markets,” stated Jody Paterson, Founder and CEO of ERP Maestro.

Free Trial Availability
ERP Maestro subscriptions are available immediately for organizations with as little as 100 up to an unlimited number of SAP® users. A free, 7-day trial as well as details on plans and pricing are available at http://www.erpmaestro.com.

About ERP Maestro
ERP Maestro is an online software-as-a-service (SaaS) that makes life easier for enterprise IT governance, risk and compliance professionals tasked with preventing fraud, passing corporate audits and complying with legislative requirements including Sarbanes-Oxley (SOX). With no upfront cost or IT implementation, ERP Maestro automates SAP® Access Controls including segregation of duty (SoD) compliance, sensitive access monitoring, emergency access management and secure provisioning. Risk management is real-time and continuous, and auditing reports are ready in minutes. ERP Maestro has been honored with a 2014 GRC Technology Innovation Award by independent analyst firm GRC 20/20 recognizing technologies revolutionizing the GRC market. For additional information visit http://www.erpmaestro.com or follow us on Twitter @ERPMaestro.

Share article on socal media or email:

View article via:

Pdf Print

Contact Author

Leslie Kesselring
Kesselring Communications, LLC for ERP Maestro
+1 5033581012
Email >
@LeslieKess
since: 05/2008
Follow >
Visit website