Truspeq

GRC Service

Our SAP Security Risk and Governance Practice capability includes:


Review of SAP security, including SAP security parameters and technical configuration

Review of security process & organizational readiness

Basic review of authorization concepts & processes

Review of security patch management

Review of Baseline Security Policies and Procedures

Identifying potential vulnerabilities & risks

Recommending controls for mitigating risks

Review of Segregation of Duties

Identifying potential vulnerabilities & risks

Recommending controls for mitigating risks

Risk Analysis & Remediation – Review of configuration and effectiveness of Segregation of Duties

Compliant User Provisioning – Review of user provisioning process, configuration and adequacy of controls

Enterprise Role Management – Review of role management process, configuration and adequacy of controls

Super User Privilege Management – Review of access of users performing emergency activities, its configuration and adequacy of controls

Implementation & Support of SAP GRC10 – Access Control Module

Support for upgrading from older to newer version

Documenting Compliance Initiative – Defining compliance structure and identifying all relevant organizations, processes, risks & controls

Planning – Establishing assessment and test strategy

Assessments & Tests – Performing assessments, verifying configuration and establishing adequacy of controls

Remediating Issues – Review remediation of issues and establish adequacy of controls

Implementation of SAP GRC10 – Process Control Module

Support for upgrading from older to newer version

Some of our GRC customers include: