Founder & CEO of ERP Maestro. Jody is a trusted advisor and security thought leader who is a CISSP, a CISA, and former director of KPMG. Follow him on Twitter @JodyCPaterson.
The World’s First Free Tool that Provides Instant Visibility to Access Risks
Updated on September 6, 2019: We’ve transformed Active Risk Monitoring (ARM) into Access Security Risk Assessment. Visit here to learn more.
Keeping pace with the rapid digital transformations, ensuring Sarbanes-Oxley (SOX) compliance and securing against cyber threats, is a demanding act for any IT, security, compliance or internal audit professional. Sixty-six percent of all internal threats are due to inefficient and improper management of internal controls.
Getting visibility into access risks can be challenging. Using manual reports to understand each user’s access, whether they have access to sensitive data and whether the access is causing a segregation of duties (SOD) conflict, can be a grueling task that is inefficient, inaccurate and extremely time-consuming.
As a part of ERP Maestro’s mission to equip every organization using an SAP ERP system with the ability to detect access risks, deter fraud and prevent insider cyberattacks, we have launched Active Risk Monitoring (ARM) — the world’s first free tool of its kind to analyze and report on access risks in SAP.
What is ARM?
Downloaded in minutes, ARM is designed to provide SAP customers with immediate visibility into segregation of duties (SOD) conflicts and provide recommendations on how to quickly remediate them. It gives a brief risk snapshot with instant visibility into user risks based on level-of-risk rating (transaction usage) and business processes.
Gartner states that companies can reduce the risk of internal fraud by 60 percent through effective (SOD). Given that companies lose five percent of their annual revenue to internal fraud, having visibility into SOD can help companies immediately identify access violations and reduce them through the various remediation recommendations provided – thereby, decreasing the probability of internal fraud.
An ARM report conveniently arrives in a subscriber’s inbox every month and provides a highly visual and intuitive dashboard that captures current risk status to help a company understand its overall progress in risk management.
Why use a completely cloud and totally automated tool?
Gartner recommends the use of automated SOD controls monitoring for ongoing risk management. However, most automated solutions require additional infrastructure, disrupt business processes and slow down the company’s SAP ERP system.
Unlike the other cloud-hosted or on-premise solutions for automating access controls, ARM, like the rest of ERP Maestro products, has been built as a native-cloud tool with customer ease-of-use and convenience in mind. Its unique architecture allows for near-instant installation – although the plug-and-play simplicity makes it a stretch to even call it an installation.
How can you start using ARM?
The implementation of ARM can be completed in a few minutes in just three easy steps:
1. Register to use ARM
2. Download and install the ARM agent
3. Receive your risk report