Segregation of Duties (SoD) Control Monitoring and Automation – Lessons from Jabil’s Experience
Meet the Experts
⇨ Jabil's experience highlights the importance of adapting SoD control monitoring and automation processes to accommodate business growth, regulatory changes, and diverse customer needs
⇨ By undertaking a major role redesign and bringing standardization across their manufacturing instances, Jabil achieved improved compliance and more efficient access management
⇨ The upgrade to GRC Access Control provided Jabil with advanced capabilities for monitoring and quantifying SoD violations, helping them maintain compliance and mitigate risks effectively
Since Jabil’s first implementation of SAP in 1998, with only three manufacturing plants, to our current landscape of 100+ sites in 33+ countries, Jabil’s SOX compliance and monitoring has had to grow and adjust to the ever-changing environment. For many years, the Finance and IT departments worked through the growth with the early GRC tool (you may remember Virsa), but we still relied on external consulting for segregation duties, which became quite costly over time, and the business diversification that required additional levels of compliance due to U.S. federal regulations, not to mention our global growth into various countries and their regulations.
During this growth, many of our plants were treated as autonomous entities, as our customers needed very specific solutions to their supply chain demands. Roles and access in each plant were very different to accommodate the various customer needs. In 2015, we took on the project of upgrading our GRC Access Control to 10.1 and in that upgrade, we did a major role redesign and brought standardization to all of Jabil’s manufacturing instances, while monitoring for SoD violations and providing the additional benefit of quantification monitoring.
Read the presentation here.