SoD strategies or solutions that worked ten years ago have become unmanageable for many organizations because “first generation” GRC tools and manual processes have not able to keep up with auditor demands in 2012.  Many enterprises must live with known SoD violations given their size or worker mix (for example, an employee in the field office may have to create purchase orders and receive goods). Auditors require that mitigating controls be implemented and reported upon to demonstrate that a risk has been “double checked” to help ensure fraud has not occurred (Who was notified that Alice created a PO and received goods from the same vendor? Was there a documented review?).
                            

When installing compliance automation solutions, we’ve seen five key reasons, or triggers, that mandate a change in how SoD compliance is tracked and reported.

• Manual controls are inadequate or too time-consuming
• Change in audit firms – “new sheriff is in town” mandates changes
• First generation GRC solutions expensive, often never fully implemented and cumbersome
• A negative audit finding necessitates a change
• A “near miss” or bona fide incident occurs, resulting in a need to change

About ControlPanel^GRC

ControlPanelGRC™ is a new breed of Governance Risk and Compliance (GRC) automation solutions – one that focuses on rapid implementation, ease of use and broad functionality aimed at making SAP^® users Always Audit Ready™.  Part of Milwaukee-based SymSoft Corporation, ControlPanelGRC’s integrated GRC technology suite addresses the major areas of compliance concerns for SAP users.  With over 50 implementations in two years, ControlPanelGRC has given its clients the ability to confidently satisfy compliance requirements while accelerating workflows that enhance their team’s productivity.