EFS commented on the usage of CSI Authorization Auditor during the SoD project.
"This tool helps to identify the risk levels. It also allows us to link compliancy rules (type SOx and others) with the authorizations in SAP."
Directeur Adjoint de l'Audit et du Pilotage Stratégique
For EFS, who wished to approach the standard, this solution also allowed the implementation of normalized rules, categorized by importance, while incorporating these rules.
"This way, we were better equipped to identify the conflicts, allowing us to make a systemic analysis with a solid tool while, among other things, taking the authorization objects into account. Therefore, we reinforce the separation of duties while securing our processes."
Auditeur lnterne à la Direction de l'Audit et du Pilotage Strategique