Accelerate Your Access Controls Automation Journey

Our simple, cloud-based solution paired with unmatched expert guidance can help you reduce the cost and complexity of SAP® access security.



See Access Analyzer

FIA Dashboard CTA


About ERP Maestro

For companies looking to simplify SAP segregation of duties, audits and compliance, ERP Maestro provides a full, actionable and accurate view of access risks in their environment via automated business-ready reporting, as well as preventative controls like emergency access and secure provisioning. All of this in one simple to use cloud-based tool that requires almost no setup time and maintenance. 
 


Best-in-Class, Audit-Ready Reporting

Best-in-class Reporting
Out-of-the-box

Don't spend hours configuring reports manually. Our reports dive deep into access risk intelligence and goes down to the authorization object level.



Secure Access Anytime, Anywhere from any Device

Secure Access Anytime, Anywhere from Any Device

Our web-based, responsive interface is easy to use whether you're in the office or on-the-go. Secure SSL technology keeps your data safe.

Access Analyzer - Automatic Updates

Full Access Control Automation
in the Cloud

Cloud-based access controls automation means very little time, zero maintenance, and no need for upgrade decisions since you get updates automatically.



 From Zero to Audit-ready Reporting in 24 Hours

From Zero to Audit-ready Reporting in 24 Hours

No long implementation cycles. We cut it down to a 30 minute to 1 hour meeting with a guided install and configuration of our lightweight connector agent.


Setup in 30 minutes. No long implementation processesthat are costly and tie up resources.
Setup in 30 minutes. No long implementation processesthat are costly and tie up resources.

Backed by Audit and Industry Expertise

Audit and Industry Expertise
that Stays with You

Our guidance doesn't end after implementation. Our team of industry veterans and experts are here to help you throughout your journey.



 Flexible Annual Subscriptions

Flexible Annual
Subscriptions

Our annual subscriptions are the most flexible in the business. Choose us for one, two, or three years – the longer you commit, the more you save.





Customer Success Stories

 




Case Study: Global Security Company



Learn how Jeffrey Davis was able to easily reduce Segregation of Duties auditing time by 700+ hours.
Read More Case Studies


What Customers Are Saying

Global Security Systems Corporation

 

- Jeff Davis, Assoc. Dir. IT Security & Risk, 
Global Security Systems Corporation

ProxyChem

 

- Manu Budhati, Manager of SAP Applications,  PeroxyChem

Leading Worldwide Industrial Company

 

- Sr. Business Systems Analyst,
Leading Worldwide Industrial Company

Cosmetics and Beauty Products Company

 

- Sr. Director, Internal Audit,
Cosmetics and Beauty Products Company





Some of Our Partners

 Grant Thornton

CSC

Baker Tilly

 soxhub_logo_jpeg_1dpz8lvg3bjr6_cuf





Latest Resources on Segregation of Duties, Audits, & More

Top 5 Reasons Companies Fail SAP Access Audits

In our latest webinar, learn what NOT to do when preparing for your SAP access audit.  Learn more

10 Most Common SoD Conflicts

In our ebook, learn about the most common segregation of duties conflicts in SAP.  Learn more

PeroxyChem case study

Read our case study to learn how PeroxyChem reduced 97% of their SoD conflicts.  Learn more

Increased External Audit Scrutiny Puts Spotlight on Access Controls


Check out CEO Jody Paterson's latest feature in SAPinsider on the future of access controls.  
Learn more




New Call-to-action


News


ERP Maestro Introduces Next-Generation Access Risk Analysis Capabilities at SAPinsider GRC and IIA GAM Conferences

Date_Icon
March 22, 2017

Financial Impact Analysis, Online Drill-Down Dashboard Among New Features Enabling Quicker Detection and Understanding of Access Risks


LAS VEGAS, NEVADA – March 22, 2017 – ERP Maestro, a leader in cloud-based automated controls for access to SAP®, announced today significant enhancements to its Access Analyzer software as a service platform. The new capabilities are being introduced to attendees at the annual SAPinsider GRC and IIA GAM conferences this week and give enterprises unprecedented visibility into the causes of SAP access risk and security weaknesses.

Online drill-down reporting lets companies visualize their risk with a beautifully enhanced, simple interface. Customers can dig deeper to understand the root causes of authorization issues by simply clicking – then determine the users that have actually executed on that risk. Financial Impact Analysis allows further drill-down capabilities to understand actual modifications made. It also allows compliance teams to associate a monetary value to associated risk and any potential fraud.

Financial Impact Analysis

Financial Impact Analysis is a new add-on module of Access Analyzer that empowers IT, Audit and business process owners with the ability to quickly see and search modifications made to data in SAP that indicate potential fraud or other access-related risks. This allows a laser-focus into only those actions that pose the highest risk for an organization, and accelerates the time for remediation.

  • Deepest level of access utilization detail available: Exposes not just what a user can change, but what a user actually did change using the access granted.
  • Determine financial relevancy of risks: A monetary value can be assigned to the modifications made to help identify instances of fraud. This information is often requested by auditors but is also very valuable in understanding the tangible risk to the business.
  • Powerful query tool: Users can search the SAP change log by transaction code, user, business function or rule and filter results to show only records reflecting changes during the period analyzed.
  • Longer change data storage: Because Access Analyzer is powered by the cloud, SAP change log data may be stored for longer than what is typical with existing solutions – as long as 18 months.

Online Dashboard and More Reporting Features

Access Analyzer’s reporting features become significantly more powerful when backed by the change data and intelligence provided by Financial Impact Analysis. Beautiful, high level dashboard reporting provides a meaningful picture of risk at-a-glance, with the added ability to drill all the way down to specific changes made that triggered the risk, and who executed those changes.

 

  • Change-Data Utilization Overlay: The current overlay of actual utilization that exists in several Access Analyzer reports is now augmented with actual change data behind the utilization, further isolating Executed Risk to allow simplification and reduction of a remediation program.
  • Simple online, drill down reporting: Beautiful dashboards, built using ERP Maestro’s award-winning best practices-based reporting.
  • Periodic Analysis and reports: Ability to schedule recurring Analysis jobs and recurring One-Click Reports.


Additional Enhancements to Preventative Controls

  • Deep dive into periods of elevated access: Modifications made by users while they had elevated access is now integrated. Search based on dates, user, specific transaction codes, and set up recurring searches.
  • Compliant provisioning supports job based designs: Role tagging allows administrators to annotate Roles, making them very easy for non-SAP users to find and select for provisioning. This is a key feature that empowers task-based role grouping in the provisioning process.

“Our mission is to save companies running SAP time, effort and expense when it comes to managing controls for access by building beautifully simple, turnkey solutions to solve their problems,” said Jody Paterson, CEO and Co-Founder of ERP Maestro. “These enhancements are a huge step towards fulfilling that mission, and reflects all the learnings we’ve had from our customers these last four years. It will make people’s lives easier, and I couldn’t be more excited to introduce it to the market.”



About ERP Maestro
Using the power of the cloud paired with in-house SAP® and audit expertise, ERP Maestro takes the complexity out of managing access risk and security in SAP environments with a software-as-a-service that provides risk-based, business-ready segregation of duties and sensitive access reporting, automated emergency access and secure provisioning. Expert hands-on guidance along the way empowers organizations to accelerate fraud prevention, audit preparation and governance, risk and compliance
(GRC) maturity. Learn more at www.erpmaestro.com.



Read our official press release here: http://www.prweb.com/releases/prweb14174256.htm


risk overview dashboard

Grant Thornton Leverages ERP Maestro to Enhance Audit and Advisory Services for Clients

Date_Icon
March 22, 2017
LAS VEGAS, NEVADA – March 22, 2017 – ERP Maestro announced today at the SAPinsider GRC 2017 conference that the company has teamed up with Grant Thornton, LLP to enhance audit and advisory services for its clients running SAP® ERP applications. The globally-recognized audit firm has begun utilizing ERP Maestro’s cloud-based Access Analyzer solution in client audit and advisory projects, which accelerates identification and remediation of access risks in SAP.

Grant Thornton is the latest in a growing group of external audit firms with which ERP Maestro has engaged in the last year. From boutique, industry-specific consultancies to a global Big 4, these companies have looked to ERP Maestro for the technology needed to meet the increased completeness and accuracy standards being enforced by the Public Company Accounting and Oversight Board (PCAOB) and other regulatory bodies.

Through the agreement, Grant Thornton utilizes Access Analyzer with clients to run a one-time segregation of duties (SoD) and sensitive access risk analysis. After the audit or advisory project concludes, the solution is then available to the client as an annual ERP Maestro subscription. This option enables continuous monitoring of SoD conflicts, sensitive access and the automation of controls around access to the SAP environment, thereby reducing the burden of remaining compliant.

“The usage of automated audit technology to detect risks is essential as SAP environments become more complex and vulnerable to breaches,” said Ben Harder, Managing Director, IT Assurance, Business Risk Services at Grant Thornton. “ Leveraging the ERP Maestro technology enables Grant Thornton to provide our clients with a higher level of accuracy in our findings and do it more quickly.”

Jody Paterson, Co-founder and CEO of ERP Maestro adds, “We are thrilled to be able to add Grant Thornton to our list of audit partners and add value to their audit, advisory and SAP-focused security assessment services. We share the vision of improving their clients’ security and risk environments, and are completely committed to helping them succeed in that endeavor.”


About ERP Maestro
Using the power of the cloud paired with in-house SAP® and audit expertise, ERP Maestro takes the complexity out of managing access risk and security in SAP environments with a software-as-a-service that provides risk-based, business-ready segregation of duties and sensitive access reporting, automated emergency access and secure provisioning. Expert hands-on guidance along the way empowers organizations to accelerate fraud prevention, audit preparation and governance, risk and compliance
(GRC) maturity. Learn more at www.erpmaestro.com.


About Grant Thornton LLP
Founded in Chicago in 1924, Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms. Grant Thornton, which has revenues in excess of $1.6 billion and operates 59 offices, works with a broad range of dynamic publicly and privately held companies, government agencies, financial institutions, and civic and religious organizations.

See more at: https://www.grantthornton.com/about- us


Read the official press release here: http://www.prweb.com/releases/prweb14174300.htm
ERPM and GT

ERP Maestro and SOXHUB Partner to Provide Fully Automated SAP User Access Reviews

Date_Icon
March 22, 2017

LAS VEGAS, NEVADA – March 22, 2017 – ERP Maestro, a leader in cloud-based automated access controls for SAP® and SOXHUB, the leading SOX software company used by Fortune 500 organizations, announced today at the SAPinsider GRC 2017 conference plans to cross-integrate functionality that will offer each company’s clients the ability to fully automate User Access Reviews and automate Sarbanes Oxley control testing for SAP.


User Access Reviews are pervasive controls that can be challenging for enterprise organizations to manage due to their largely manual nature. If they are not performed frequently enough, they can lead to material weaknesses found in corporate audits stemming from misstatement, fraud, misappropriation, or misuse of access. This is a common challenge faced by many organizations, requiring complex, often customized solutions to fix.


The partnership and integration between SOXHUB’s Workstream and ERP Maestro’s Access Analyzer will empower companies with game-changing, end-to-end control over user reviews. Tasks and processes related to User Access Reviews will be fully automated. For example, SOXHUB users will be able to see User Access Review listings, which will automatically populate into SOXHUB from ERP Maestro. Follow-up tasks will then automatically be created in SOXHUB’s workflow automation tool, and automatically assign preparers and reviewers their due dates.


Additional Benefits of this integration will include:

  • A Dashboard that funnels highlights up to the CFO/CTO on a day-to-day, real-time basis, showing the status of controls, including User Access Reviews, and who is responsible for the gaps.
  • Automatic Workflow and Notification Reminders. If the tasks are not completed by the due date, reviewers will automatically receive reminder notifications.
  • Desktop Procedures. All sign-off requirements for end users are included as well as accompanying desktop procedures and any questions or exceptions.
  • Full Visibility into the risk profiles of areas where the User Access Review is not being performed-by business entity, users, or departments.
  • Time Savings. SOXHUB and ERP Maestro’s integrated solution will eliminate the need for a Project Admin to administer the User Access Review process, leaving them to focus on more business-critical issues.

“SOXHUB is excited to team up with ERP Maestro to extend Workstream’s capabilities,” said Daniel Kim, VP of Product and Solutions at SOXHUB. “Our technologies are truly complementary, and we look forward to working together to improve GRC for our mutual customers.”

“ERP Maestro and SOXHUB both exist to make SOX and other similar regulatory compliance requirements easier for enterprises,” said Jody Paterson, CEO and Co-Founder of ERP Maestro. “This partnership fits right in with our objective to remove the barriers of complexity for managing access risk. Think of it as a powerful analysis and reporting engine now combined with a complete control documentation and workflow platform. We are excited for what’s ahead.”



About ERP Maestro
Using the power of the cloud paired with in-house SAP® and audit expertise, ERP Maestro takes the complexity out of managing access risk and security in SAP environments with a software-as-a-service that provides risk-based, business-ready segregation of duties and sensitive access reporting, automated emergency access and secure provisioning. Expert hands-on guidance along the way empowers organizations to accelerate fraud prevention, audit preparation and governance, risk and compliance
(GRC) maturity. Learn more at www.erpmaestro.com.

About SOXHUB
SOXHUB was designed and purpose-built to make SOX and internal controls simple. Our product helps Internal Auditors work more efficiently by addressing their biggest pain points: spreadsheets volume, version control issues, and data redundancy, while empowering smarter collaboration between process owners to begin owning their controls. SOXHUB’s mission is to revolutionize how Internal Audit teams work while constantly striving to build the ideal experience for process owners. Every day, we help
companies by providing a solution that truly streamlines internal controls and SOX in a simple, effective way. Learn more at www.soxhub.com
.
 

Read the official press release here: http://www.prweb.com/releases/prweb14174308.htm
ERPM and Soxhub


Events




All Access Blog