Expand +



From Reactive to Proactive

How to Anticipate Problems, Cut Costs, and Avoid Risks in Your Compliance Program

by Gary Dickhart | SAPinsider, Volume 16, Issue 1

January 1, 2015

Changes in an organization, like new solutions or acquisitions and reorganizations, can cause negative affects like increased workload and confusion. As a result, important tasks can be swept aside and goals put off target. Read this article to see how you can go from a reactive to proactive organization that is able to solve problems before they arise.


Many companies have small staffs to manage their financial compliance efforts. While this approach is deemed adequate from a maintenance perspective, business changes can put a strain on limited resources. Technological changes often require extra effort and acquisitions and reorganizations can have a similar effect. In both cases, new functions and increased work can overwhelm groups that are stretched thin as it is. As a result, important daily tasks are swept aside or highly visible projects may be negatively affected. The solution is to develop a proactive, sustainable compliance program that breeds efficiency and reduces risk. Let’s look at how you can implement such a program — and what might be standing in your way.

The depth of knowledge surrounding compliance solutions and their proper use are important elements in sustaining a robust compliance program.

Impediments to a Successful Compliance Program

Staff changes can be disruptive to maintaining a sustainable compliance program. When employees are moved to new assignments, new personnel — technical or business — must be trained, requiring time and resources that were already spent training the previous members of the program.

Then there is the matter of interdependencies within units: Compliance personnel rely on security employees to execute some of the more technical tasks; security personnel in turn rely on the compliance team to interface with the business. If one of these units has turnover or is outsourced, both services can be negatively affected. In both cases, incomplete or poorly documented policies and procedures hinder new personnel in getting up to speed, and affect the enterprise as a whole.

When SAP solutions are part of the compliance program, many of these interdependencies can be triggered by workflows and automated processes. The depth of knowledge surrounding these solutions and their proper use are important elements in sustaining a robust compliance program.  

However, your compliance program may be at risk if you face any of these issues:

  • A rising numbers of security roles that rapidly climb from hundreds to thousands
  • Recurring segregation of duties (SoD) violations and control failures during testing processes
  • Audit exceptions year after year
  • Stagnant, one-way compliance reporting
  • Mitigating controls used to suppress SoD violations that climb into the thousands
Reactive to Proactive

In an effort to meet these challenges, Customer Advisory Group offers a service called Smart Sourcing, which gives clients a way to provide resources dedicated to security and compliance efforts. Customer Advisory Group’s senior personnel are experienced in security, compliance, and audit disciplines, and have serviced over 400 customers, imparting a wealth of effective best practices and solutions. One of the biggest benefits of Smart Sourcing lies in shifting your compliance program from reactive to proactive, seeking out problems or unexpected events before they happen.

These services are now offered for a flat fee, and include an automated solution if one is not already in place. Our knowledge of the solution and associated best practices enables the service to be delivered more efficiently by optimizing the use of the technology without the multiple costs associated with software licensing, maintenance fees, and consulting. We also offer a subscription-based educational services program covering best practices and technical tips and tricks on everything from upgrade projects to SoD rule maintenance.

Visit for more information about developing a proactive compliance program

An email has been sent to:


Gary Dickhart
Gary Dickhart

Chief Operating Officer
Customer Advisory Group LLC

More from SAPinsider


Please log in to post a comment.