Contact
NTT DATA Business Solutions
NTT DATA Business Solutions | October 24, 2016

A Customer Journey of Automating Control Testing With SAP GRC Process Controls

Hardware manufacturer uses GRC Access controls to save time and money
  • Home
  • Advisory
  • A Customer Journey of Automating Control Testing With SAP GRC Process Controls

A hardware manufacturer struggling with inefficient manual configuration controls and master data testing has changed course thanks to a unique intellectual property solution from NTT DATA Business Solutions and SAP GRC Process Controls.

Previously, an internal audit team leveraged a global SAP instance and a centralized GRC Process Controls and Access Controls instance to satisfy COSO 2013 compliance obligations on Internal Controls, and to satisfy internal and external audit testing. The manufacturer had manually tested configuration controls and master data in the past, but in time this process proved to reduce the effectiveness of control testing, while also increasing costs.

It was evident that the manufacturer needed a solution that could automate manual controls, and the company’s IT team sought a tool that could evaluate the SAP configuration once and alert technicians when any automatic design changes occurred, ensuring consistently in the future.

The Ideal Solution

NTT DATA Business Solutions’ unique AutomateAccessControls.it solution proved an ideal fit for the manufacturer, delivering a library of automated controls to streamline the process of automating manual configuration controls testing.

NTT DATA Business Solutions led the manufacturer through a GRC Process Controls build for several business processes, including Procure to Pay, Order to Cash and Record to Report. The team then automated SAP application controls through Continuous Controls Monitoring (CCM) functionality within the SAP GRC Process control, building new continuous monitoring controls for the business processes in the manufacturer’s current GRC 10.1 version.

A Two-Phased Approach to Success

Following a two-phased approach, the project’s initial phase focused on the automated controls design and went live in under six weeks. During the fast timeline, a list of more than a dozen controls were scoped and blueprinted based on inputs provided by the manufacturer, allowing the team to review the configuration and scenarios using the CCM functionality.

Phase two was also completed in a quick six weeks, during which NTT DATA Business Solutions built and configured the controls, conducted a fit gap analysis, and provided the manufacturer with continuous support. As a result of the project the manufacturer has experienced ongoing internal cost savings, and the new controls satisfy the COSO framework for internal controls testing.

Today, the manufacturer’s newly automated controls ensure superior compliance from the start, and staffers are able to spend fewer hours configuring and testing controls and can focus more energy on serving customers.