Upload
selva-kumar-itil-cgap-cisa
View
647
Download
4
Embed Size (px)
DESCRIPTION
SAP Security Audit FISCAM Cotrols AuditBot's FISMA solution simplifies and streamlines your SAP Compliance by centralizing compliance and access management for SAP ECC System. The AuditBot Express GRC Suite does this while addressing FISMA's essential identity and access management requirements
Citation preview
Compliance Designed WellAuditBot
AuditBot Overview• AuditBot provides…• expertise in intelligently identifying and responding to risks that impact SAP
System.
• So that…• organizations can automatically identify, manage and prevent Risks that result
in…– … user having excessive Access– … poor SAP security design– … risk due to security vulnerability– … costly audit findings
• We do this by providing…• a SAP Audit software solution that delivers precise, actionable and auditable
intelligence of control breakdowns across systems, processes and transactions
Automate Compliance
Improve Operations
Reduce Risk & Fraud
3
• “All the audit programs are written in ABAP Program”
• “All the audit logs are gathered and recorded into custom table for unlimited use
ABAP Based
No New Hardware
Quick Implementation
• “Solution can be deployed in SAP System on the exiting hardware.”
• Existing company resource can support the product
• “Solution can be implement Quickly some time even within one day.”
• “Training the internal audit team is quick as the report are one click execution.”
Architecture
SAP Certification
Metropolitan Fire Brigade-Australian Government Agency
"This is a simple but very versatile software suite addressing all SAP GRC features and much more.
It is an ABAP suite fully incorporated with the SAP application." said Upul Prematunga, Manager - Financial Compliance at the Metropolitan Fire
Brigade-Australian Government Agency.
AuditBot clients
Federal Information Systems Management Act
• With the passage of the Federal Information Systems Management Act (FISMA) in 2002, federal IT security managers - and the vendors and consultants who work for them - have been tasked with addressing loose practices around access control, privilege management, accountability and auditing in particular.
• The National Institute of Standards and Technology (NIST) has issued Special Publication 800-53 to provide guidance on complying with FISMA.
• While NIST SP 800-53 divides FISMA compliance into a wide range of issues, from physical security to training to IT auditing, four of its 17 sections are of specific interest to federal IT security managers
Custom object analysis
Monitor 100% of transactions
Fully Automated
High Level FISMA Requirements
• Establish accountability by uniquely identifying each individual and linking their access rights, permissions, and audited activity to a single user identity
• Enforce a separation of duties between SAP functional, SAP Support and SAP End users
• Apply role-based access controls and permission management on a least-privilege basis, giving each user access only to the systems and functions needed to perform their jobs
• Audit user activity, capturing sufficient detail to establish what events occurred, who performed them, and the outcome
Custom object analysis
Monitor 100% of transactions
Fully Automated
The AuditBot Solution
AuditBot's FISMA solution simplifies and streamlines your SAP Compliance by centralizing compliance and access management for SAP ECC System.
• Consolidates all the logs from multiple systems into one unified log so the Auditors can have comprehensive view of your SAP Risk from multiple Systems
• Enforce separation of duties and "need to know" access control by using AuditBot's unique Rule Set to define transaction grouping based on specific SAP Functions
• Implement least privilege and centrally manage SAP Super User Access in SAP Systems
• Capture detailed audit logs on SAP systems to verify that access controls are working as designed and to monitor for suspicious activityCustom object analysis
Monitor 100% of transactions
Fully Automated
• Free 30 Proof of Concept• Same day installation and
Configuration• 365 Day Money Back Guarantee• Basic Configuration Includes• Will Provide Custom Enhancements • When Can We Start• Email: [email protected]• www.AuditBots.com
Our Value