Employees:
1,000+
Success Story
Advising and Implementing Application Governance to Help a Global Food & Beverage Manufacturer Go Public
Services: Advisory & Implementation
Solution: FastPath
Industry:
Food & Beverage
Revenue:
$500 million+
The Situation
Our client was seeking to go public, but lacked the application governance controls to meet SOX compliance.
The organization was planning to either go public or seek acquisition, but lacked the SAP security controls required to pass a SOX audit that would make the plan a reality. Having previously engaged MajorKey for a cybersecurity assessment, Delinea (PAM) implementation, and SailPoint (IGA) implementation, our client elected, once again, to utilize MajorKey for the Application Governance vendor selection process.
The Business Impact
The lack of SAP security controls meant they couldn't go public, while creating access inefficiencies.
Beyond being unable to go public or seek acquisition due to the lack of Application Governance, there were several other business impacts:
- Lack of least privilege within SAP
- Access requests had to be submitted and approved manually
- Inability for zero-day starts due to a full manual user onboarding process
When looked at holistically, the organizational impact of a lack of Application Governance went far beyond just going public or a potential merger, and in fact resulted in significant security risks and inefficiencies within SAP.
The Solution
The MajorKey team conducted the vendor selection process and implemented FastPath pass SOX audits, establish least privilege, and streamlining zero day starts processes.
The first step towards addressing Application Governance was analyzing potential vendors and selecting one that best aligned with the client's business requirements. In this case, our team examined the following elements in order to make a recommendation:
- Business critical applications, which was SAP in this case
- The complexity of access management within SAP
Our team then conducted workshops with the application owners and compliance stakeholders to establish their specific business requirements. When this data was collected, we coordinated demos with potential vendors and established a proof of concept for our client to evaluate.
Once the vendor was selected, we implemented the software while redesigning SAP roles to maxmize efficiency.
Following the vendor assessment and subsequent FastPath implementation, our client was able to establish least privilege in SAP while streamlining the access request process and enhancing productivity through zero day starts.
The MajorKey Approach
Our unique approach gave our client the confidence they needed.
Our approach is encompassed by the following values:
- Process-focused, not tool-focused. We are a vendor-agnostic provider. In other words, when working with clients we focus on business processes and outcomes rather than pushing a specific tool.
- Structured project management. We rarely miss deadlines and always stay under budget.
- Organizational change management. We dedicate significant time to helping the organization work through new policies and procedures associated with a migration. This includes end user training by roles and responsibilities, assistance with sponsorship adoption and roll out procedures, communication templates for deployment, and more.
- Agile development style. Our developers seek client feedback early and often throughout the life of a project to ensure client satisfaction after deployment.
- User acceptance training. We have a highly structured, clearly defined process for making sure the tool is driving value for the business users. This reduces post-live issues and encourages tool utilization after deployment.
- Post-live and managed services. We provide 24x7 on-call support for the most critical issues that may arise following a deployment.
Get in touch
Looking to delivery a better experience for your employees and customers? Drop us a line and we’ll get back to you in a heartbeat.