Rule

Quick Scan

Your situation
Your Approva BizRights environment has been monitoring your financial systems against your company specific segregation of duties (SoD) and sensitive access (SA) rules for a number of years. Remediation of those financial systems and changes to your compliance and risk requirements over time has resulted in the need to enhance and refine your SoD and SA rules. This may include: Amendment of rule conditions due to tailoring for specific duties or tasks Rule amendment according to external audit requirements Refinement of rule conditions to avoid false positives Although these changes all have plausible risk assurance reasoning, they are often done during remediation of SoD and SA violations in an ad hoc reactive way. This can result in inconsistencies and variance in similar or identical duties or tasks within your specific set of rules. Furthermore, standard SoD and SA rule sets may have been refined and amended to reflect up to date industry best practices. Therefore your rule set may not be current with regard to best practice, potentially leading to loopholes in your desired level of security and traceability and false positives in your rule analyses. If not analysed and corrected, you may run the risk of unexpected audit findings in areas that are currently perceived as secure against possible SoD issue findings and / or fraud cases. Addressing this issue today is a manual, time consuming process and some organisations employ full time roles for rule administration.

Approach
Analysis of your rules: to identify inconsistencies and variances in rule conditions across rules for a specific duty or task to benchmark against industry best practices

Prerequisites
Any BizRights or Approva One version Exported copy of your master SoD and SA rule set Standard SoD and SA rules for SAP, Oracle E-Business Suite and PeopleSoft

Deliverables
5 day turnaround PowerPoint based presentation with findings summary Detailed analysis metrics and improvement options Suggested follow on scenarios

Our solution
Through a duty or task oriented automated quick scan of your SoD and SA master rule sets, we can rapidly ascertain: which duties or tasks are covered variance in those duties or tasks with respect to the underlying rule conditions within rules for that specific duty or task false positives within rule conditions all within a matter of days. Furthermore, we can benchmark your SoD and SA rule set against the industry standard.

Investment
Fixed price based upon: One master rule set with up to 200 SoD or SA rules Remote access to / XML-export of rule set One hour presentation of the findings

The result
Rule Quick Scan gives you a comprehensive overview and drill down of your implemented BizRights or Approva One SoD and SA rules allowing you to: assess quality and effectiveness with respect to consistency and completeness benchmark against industry standard define corrective measures needed to optimize your rule sets thus assuring that your rule sets match and are covering the right risk requirements and reflect industry best practice A Consider Solutions quality service

Contact us for your price quote