Download presentation
Presentation is loading. Please wait.
1
Managing Business Access Conflicts
2
About Thirdware CELEBRATING 20 YEARS
OF PROVIDING SERVICES IN QAD AND QAD ENABLEMENT. INDUSTRIES MILESTONES AUTOMOTIVE ELECTRONICS LIFE SCIENCES CONSUMER PRODUCTS FOOD & BEVERAGE FINANCIAL RETAIL TELECOMMUNICATIONS IT SERVICES EXPERTISE 1995: QAD Asia Pacific 2000: Ford 20% Equity 2005: Oracle/Hyperion Partner & SAP Partner 2008: CXO Cockpit Partner 2013: Salesforce & BIRST Partner Consulting and Implementation Application Management Services Upgrades, Transitions & Separations Application Development Services Trainings & Learning Services 300+ HAPPY CUSTOMERS 900+ DEDICATED EMPLOYEES GLOBAL OPERATIONS
3
Visteon Fast Facts
4
Business Issues Lack of visibility into QAD SOD Issues.
Analysis and mitigation of SOD Conflicts were reactive and un-sustainable. Heavy workload for internal control / security team in – Analyzing and executing QAD access Preparing reports manually for audit requirements Maintenance and propagation of SOD Matrix
5
BAC Solution BAC Solution Features Maintain SOD Matrix
Standard SOD Matrix SOD Analysis including Simplified Screen QAD Specific User Access Requests Online Conflict Analysis Approval Workflow Integration with QAD User Access Analysis & Deactivation Manage temporary user requests
6
QAD Security Functions
User Access Mgmt. Domain level security Menu, Groups & Roles Menu & Group level Reports Role based security Simplified Screens
7
Business Access Control Functions
User Access Mgmt. SOD Conflict Matrix Domain level security Menu, Groups & Roles Menu & Group level Reports Role based security Simplified Screens SOD Conflict Status Analysis Maintain SOD Conflict Matrix SOD Conflict data based on access provided to users
8
Business Access Web Application
User Access Mgmt. SOD Conflict Matrix Domain level security Web-based Provisioning Tool Menu, Groups & Roles Menu & Group level Reports Role based security QAD Access Approval Workflow Simplified Screens SOD Conflict Status Analysis Web-based provisioning tool with real-time SOD Conflict Query for users/ approvers SOD Conflict based approval workflow
9
Solution Architecture
Webapp Admin QAD Domain, Menu, Groups, Simplified Screen QAD to WebApp Domain, Menu, Users Conflict Data User Conflict Data QAD Visteon Rule Book Webapp to QAD Rulebook Updates VESS VESS VESS to WebApp User Access Request User Access Request - QAD Webapp to QAD Ticket Status User Access Request Approver Dashboard Approvals QAD User Creation/Update Webapp to QAD User Updates
10
Sample Conflict Matrix
Linked to Std. QAD Menus & Groups AR Payment Automatic Checks AR Payment Manual Job Description : Code that indicates unique roles/responsibilities applicable in QAD Job Description :Process Incoming Payment Process Incoming Payment AR Payment Automatic Checks High Conflict Purchase Order Receipts Manage Good Receipts AR Payment Manual PO Shipper Maintenance PO Shipper Receipt
11
Linking Menus to Job Description
JD Code & Job Description QAD Menus applicable for the Job Description
12
Solution Walkthrough User Access Request from Visteon Security System. When Application is “QAD / MfgPro” control is transferred to BAC WebApp SOD Conflict status is Validated and Reported to user when roles are selected
13
User can see the individual group level conflict status
Solution Walkthrough User can see the individual group level conflict status
14
User submits the access request with reason for access needed.
Solution Walkthrough User submits the access request with reason for access needed.
15
Solution Walkthrough Approval Dashboard Access Requests Count
By Conflict Status Individual Ticket with Conflict Status
16
Solution Walkthrough Conflict Status Approval Levels Low Conflict
Medium Conflict Access Control Team High Conflict Security Administrator
17
Key Benefits All User Access are validated for SOD Conflict Status during submission. All User Access Conflicts are reviewed, approved and recorded. Automation of User Creations and User Deletions. Temporary User Access controlled by Start & End Date. Users and Functional Approvers have visibility to SOD Conflicts and are empowered to make access request decisions. Automated process to monitor usage and action on inactive userids Removed the burden on internal control to continually audit / address the access requests. Reduced workload on Security Control team. Approximately 60 Person Days of effort saved on monthly basis.
Similar presentations
