Tuesday, September 4, 2007

Bottom-up discovery of your IT business policies (SoD rules) that comply with your HR data

A customer needed to define and create IT business compliance rules in order to be prepared for a visit from external auditors, who might discover violations of industry regulations and fine the company.

Another company in the same business was audited 8 weeks prior and was fined $1 Mil. This company did use internal auditors; however, the amount of data that they had to process was overwhelming, and despite having many people working and spending a lot of time on this, it was simply not enough.

The IT internal auditors received a presentation on Eurekify’s solution and quickly grasped that the solution can:
1. Create all the types of business rules that they need
2. Easily load all the current rules that they have defined
3. Perform BOTTOM-UP DISCOVERY of many potential new business compliance rules that are based on HR data

In the next step, which took only a couple of days, the IT auditors were able to load the IT access rights data and the HR data into the Eurekify data warehouse, and used Eurekify to discover and review many new rules that are sensitive to HR attributes, such as:

Only people that hold the following HR attributes:
1. Division = Corporate
2. Department = Finance
3. Title = Account

Can have access to:
1. SAP Finance Application
2. Finance Shared folders

And many other rules…
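
The bottom-up idea described above can be sketched in a few lines. This is an added example, not Eurekify's algorithm or code: the user names, the sample HR and access data, the function `discover_rules` and the 80% threshold are all constructed assumptions. For each resource it proposes the most specific HR attribute profile shared by most current holders and lists the holders who fall outside it, so an auditor can review them.

```python
from itertools import combinations

# Constructed sample data (not from the original post).
FIN = {"Division": "Corporate", "Department": "Finance", "Title": "Account"}
HR = {
    "alice": dict(FIN), "bob": dict(FIN), "carol": dict(FIN), "dave": dict(FIN),
    "erin":  {"Division": "Corporate", "Department": "IT", "Title": "Admin"},
    "frank": {"Division": "Retail", "Department": "Sales", "Title": "Clerk"},
}
ACCESS = {
    "SAP Finance Application": {"alice", "bob", "carol", "dave", "erin"},
    "Finance Shared folders":  {"alice", "bob", "carol", "dave"},
}

def discover_rules(hr, access, min_confidence=0.8):
    """Propose, per resource, the most specific HR attribute profile held by
    at least min_confidence of its current holders (hypothetical heuristic)."""
    rules = {}
    for resource, holders in access.items():
        # Candidate profiles: every attribute subset of each holder's HR record.
        # Holders with no HR record (orphan accounts) contribute no candidates.
        candidates = set()
        for user in holders:
            items = sorted(hr.get(user, {}).items())
            for r in range(1, len(items) + 1):
                candidates.update(combinations(items, r))
        best = None
        for profile in sorted(candidates):  # sorted for deterministic ties
            matching = {u for u in holders
                        if all(hr.get(u, {}).get(k) == v for k, v in profile)}
            confidence = len(matching) / len(holders)
            if confidence < min_confidence:
                continue
            # Prefer more attributes (more specific), then higher confidence.
            key = (len(profile), confidence)
            if best is None or key > best[0]:
                best = (key, dict(profile), sorted(holders - matching))
        if best:
            rules[resource] = {"profile": best[1], "confidence": best[0][1],
                               "exceptions": best[2]}
    return rules

if __name__ == "__main__":
    for resource, rule in discover_rules(HR, ACCESS).items():
        print(resource, rule)
```

On the sample data, both resources yield the Corporate / Finance / Account profile, and `erin` is reported as an exception for the SAP Finance Application.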

For more information, questions or ideas - send me your comments

Ilan Sharoni
isharoni@eurekify.com
http://www.eurekify.com/