I recently reached my first anniversary here at WIS publishing. It was a fast year. I remember in my first blog that I wrote a year ago I used a slowly melting mound of snow in our driveway as an analogy for the economy slowly gaining momentum again after being mired in hard times. This past winter in New England was nonexistent -- at least in terms of snowfall. In fact, last month we experienced a few days that were much warmer than usual, and yet during one of those days, I noticed a small mound of snow in the same place that I noticed one last year. This mound was staying on the ground in defiance of the warmer days.
This time the small patch of snow reminded me of how a vulnerability or a risk element can be present in your organization even while you think all your transactions are secure. In a question-and-answer article for GRC Expert, Sonny Dasgupta, senior director, solution marketing, SAP Governance, Risk, and Compliance Solutions at SAP, made the following comment in response to a question about the types of software businesses can use to protect their SAP systems from fraud:
"SAP solutions come off the shelf with controls embedded in them. A good example would be SAP ERP, which has key controls already in place for companies to implement, based on their business scenarios. But having controls is not enough. You have to also prove that these controls are working efficiently and mitigating risks for your company. As part of the SAP BusinessObjects GRC portfolio, SAP BusinessObjects Process Control provides users with capabilities, and our EBS (Enterprise Business Solution) partner, Oversight Systems, also enables busi
nesses to monitor every transaction in their ERP and other systems to look for opportunities to improve business processes and reduce cost by eliminating fraud, waste, errors, and abuse."
Read more of Sonny's comments about continuous transaction monitoring in the full article on GRC Expert.