Case Study: Aker Solutions reduced access risk by 85% with Soterion
Key Takeaways
⇨ Soterion's GRC solutions for SAP can quickly and effectively reduce access risks and increase regulatory compliance.
⇨ Access Risk Manager provides a dashboard to identify and mitigate access risks, while Basis Review helps establish complete compliance.
⇨ Through Soterion's solutions, Aker Solutions achieved increased efficiency, effectiveness, regulatory compliance, and risk mitigation.
Aker Solutions, a leading engineering company in the energy sector, faced a growing SAP access risk problem due to years of employees accruing more roles and authorizations, resulting in over 1.5 million potential access risks to their system. To address this challenge, Aker Solutions turned to Soterion’s GRC solutions for SAP, including the Access Risk Manager dashboard and the Basis Review configuration inspection tool. The implementation included a week of on-site working with a consultant, resulting in an 85% reduction in potential access risks after six months. The solutions also helped Aker Solutions increase regulatory compliance, improve auditor trust, and reduce the time spent monitoring SAP roles, resulting in increased efficiency, effectiveness, and quality of their processes.
A growing SAP access risk problem
Aker Solutions implemented SAP in 2004 to 2006. Over the years, employees accrued more roles and authorisations to do transactions. The problem had escalated to the point where they had introduced 1.5million potential access risks to their system. The Finance Process Improvement & Systems team was looking for a solution to create visibility and transparency. They struggled to know where to begin to address such a large challenge. They already had SAP GRC, but didn’t use it.
Explore related questions
Soterion’s GRC solutions expose and reduce risks
When EPI-USE Labs demonstrated alternative SAP GRC solutions provided by their partner Soterion, Aker Solutions immediately realised that these could solve their challenges.
They were especially interested in the Access Risk Manager product. This provides a dashboard to identify where the SAP access risk exposure is located, and identifies employees with access to sensitive data, a critical
factor to support their GDPR initiatives. The “What-if” Allocation Simulator allowed them to proactively identify risks before applying the changes in their SAP system.
The second solution they use is Basis Review to inspect their SAP Basis configuration against a set of rules based on industry best practice. This product helps them to establish complete compliance to avoid adverse
audit findings.
Premium
