GRC 2012 - Las Vegas

Sessions

Track 2: Segregation of duties, access control, and security

A detailed guide to access control reporting options, including advanced features

Add	Kapil Ashar, Ernst & Young Friday, March 16, 2012 8:30 am - 9:45 am

This session offers detailed insight into the enhanced reporting options available within SAP BusinessObjects Access Control 10.0. Get expert guidance to determine ...

A detailed guide to access risk remediation in SAP

Add	Jayne Gibbon, SAP Wednesday, March 14, 2012 11:45 am - 1:00 pm

In today's environment, we are inundated with data. As more and more managers realize ...

A step by step guide to choosing the right GRC reporting tool

Add	Gavin Campbell, Integrc Tuesday, March 13, 2012 10:30 am - 11:45 am

GRC systems leverage complex rules and hierarchies to assist with the streamlining of compliance and control processes. Choosing the best reporting method has commonly been treated as an afterthought with regards to GRC, resulting in ...

A technical guide to building approval workflows and integrating them with access control functionality

Add	Richard Calaba, SAP Labs Thursday, March 15, 2012 8:30 am - 9:45 am

With SAP BusinessObjects GRC Access Control 10.0, the former Java-based approval workflow from Access Control (AC) 5.3 was rewritten for SAP NetWeaver ABAP platform. The new workflow (aka MSMP workflow) is based on the standard SAP NetWeaver Business Workflow concept, but eliminates ...

An expert shares undocumented tips for customizing a segregation of duties rule set

Add	Jayne Gibbon, SAP Wednesday, March 14, 2012 4:00 pm - 5:15 pm

Learn best practices and key techniques for creating, reviewing, and maintaining your rule set in the SAP BusinessObjects GRC Access Control application. See how the rules delivered with this application can be used as ...

Best practices for creating a customized access control rule set for a multi-national organization

Add	Raymond Mastre, PricewaterhouseCoopers Tuesday, March 13, 2012 10:30 am - 11:45 am

Customizing a rule set for a multi-national organization is a daunting task because it must address critical risks to the entire business, yet be flexible enough to allow for local adaptations by individual entities. This session identifies the key challenges encountered in ...

Best practices for maintaining an SoD violation-free environment

Add	Ruth Johnson, Savera Systems Wednesday, March 14, 2012 10:15 am - 11:30 am

This session delivers techniques, tips, and tricks for maintaining user access that is free of segregation of duties violations. Identify the various risk analysis and remediation and compliant user provisioning components and how ...

Case study: How Allstate completed a do-it-yourself role redesign project for improved security and reduced segregation of duties conflicts

Add	Liz McHugh and Eric Pynnonen, Allstate Insurance Corporation Tuesday, March 13, 2012 4:15 pm - 5:30 pm

Prior to its role redesign project, Allstate was faced with significant security challenges, including transaction codes that existed in multiple roles which, in turn, led to audit violations. Attend this session to find out how the company was able to ...

Case Study: How Coca-Cola reduced the number of roles within its SAP landscape by 90%

Add	Kyleen Wissell, The Coca-Cola Company Wednesday, March 14, 2012 11:45 am - 1:00 pm

See why Coca-Cola chose SAP BusinessObjects Access Control 10.0 to manage increasing compliance requirements in its extensive SAP landscape which spans across more than 200 countries. Find out what new challenges Coca-Cola faced relating to ...

Case study: How Firestone completed a security remediation project in three months

Add	Cindi Richardson, Firestone Thursday, March 15, 2012 1:00 pm - 2:15 pm

Learn how Firestone tackled the challenges of upgrading to SAP BusinessObjects Access Control 5.3 alongside an SAP ERP 6.0 and Unicode upgrade, which included managing competing resources and a tight timetable. Walk through Firestone's best practice approach to prevent ...

Case study: How Johnson & Johnson prevents unauthorized access to its business critical systems

Add	Lynn Reed, Johnson & Johnson Thursday, March 15, 2012 2:30 pm - 3:45 pm

Take an in-depth look at how Johnson & Johnson implemented SAP BusinessObjects Access Control to confidently manage and reduce access risk across the organization. Examine how the company established its project timeline and business case for ...

Case study: How PepsiCo developed an SAP security model to meet the needs of a highly decentralized organization

Add	John Myers, PepsiCo Thursday, March 15, 2012 2:30 pm - 3:45 pm

Take a detailed look at how PepsiCo developed and implemented an SAP security model to meet the unique and complex needs of multiple corporate divisions. Hear how the company designed a solution that would provide secure access across these different divisions while ...

Case study: Lessons from ConocoPhillips' approach to conducting user access reviews and monitoring transaction usage

Add	Trevor Wyatt, ConocoPhillips (session is repeated on Friday at 8:30 am) Thursday, March 15, 2012 10:15 am - 11:30 am

Add	Trevor Wyatt, ConocoPhillips (repeat session) Friday, March 16, 2012 8:30 am - 9:45 am

Hear how ConocoPhillips, a large company with 35,000-plus users, assesses, manages, and conducts its user access reviews using the SAP BusinessObjects Access Control suite. Learn how ConocoPhillips set up and conducted ...

Case study: Putting an end to role proliferation and reducing SoD violations at Nike

Add	Eric Dwyer and Ervin Hernandez, Nike Friday, March 16, 2012 8:30 am - 9:45 am

Segregation of duties (SoD) and the assignment of entitlements remains a source of risk in almost any organization. Get a picture of how Nike augmented the risk management capabilities of SAP BusinessObjects Access Control using ...

Case study: Redesigning security in Nu Skin International's mature, multi-national SAP environment

Add	Joel Erickson and Robert Gutierrez, Nu Skin International Thursday, March 15, 2012 8:30 am - 9:45 am

Attend this session and learn how NuSkin International approached the redesign of its SAP security system. Find out how the company addressed security at various levels, including ...

Customer discussion forum: SAP security and authorizations

Add	Pavi Malhotra, Ernst & Young and Charlie Singh, American Water Thursday, March 15, 2012 4:00 pm - 4:45 pm

Come to this special moderated networking session to find out how other SAP customers are managing their SAP security and authorizations. Learn what key areas and functionality of SAP solutions you can leverage today to ...

Drive cost savings through a practical approach for designing and implementing business process- and IT-based roles

Add	Jason Glantz and Shivraj Patil, Ernst & Young Wednesday, March 14, 2012 10:15 am - 11:30 am

Attend this session for leading practices and practical advice to design compliant functional and technical SAP roles across a global organization. Hear firsthand how to avoid the most common cross-application SoD issues that ...

Expert advice for integrating security design with access control

Add	Rafael Smeyers, PricewaterhouseCoopers Tuesday, March 13, 2012 1:15 pm - 2:30 pm

This session offers guidance for improving security design and integrating it with access control. Get an overview of ...

How to take control of your system access management efforts

Add	John Jerrehian, SAP Labs Thursday, March 15, 2012 1:00 pm - 2:15 pm

Attend this session to assess the effectiveness of your current access risk management processes and identify opportunities to cut the costs associated with them. This session provides practical advice on how to ...

Live demo: Access risk management functionality in SAP

Add	Chris Radkowski, SAP (session is repeated on Thursday at 1:00 pm) Tuesday, March 13, 2012 1:15 pm - 1:45 pm

Add	Chris Radkowski, SAP (repeat session) Thursday, March 15, 2012 1:00 pm - 2:15 pm

Attend this live demonstration session to explore the latest functionality for access risk management in SAP BusinessObjects Access Control 10.0 and evaluate whether or not it will meet your organization's unique needs. Gain insight into ...

Overcoming the most common challenges surrounding superuser privilege management

Add	Brian Ocampo, Ernst & Young Friday, March 16, 2012 10:00 am - 11:15 am

Attend this session for expert instruction on how to tackle the challenges surrounding the management of super user access. Get leading practices, tips, and tricks for ...

Panel discussion: A guide to reaping the business benefits offered by an enterprise-wide access controls monitoring program

Add	Moderator: Susan Stapleton, Greenlight Technologies; Panelists: Malte Globic, Elster Group; Wyatt MacManus, Sharp Electronics; Martin Kessler, U.S. Department of the Interior; and Alfred Bacon, Petrobras Thursday, March 15, 2012 10:15 am - 11:30 am

This interactive session offers valuable insight into what business benefits can be achieved by implementing an enterprise-wide monitoring program. Hear from a panel of customers who have created ...

Panel discussion: Customers share their successes and lessons for segregation of duties remediation and sustainment

Add	Moderator: James Roeske, VanRiver Consulting; Panelists: Ben Wienand, McKesson; Jamie Frame, Coca-Cola; Cynthia McConathy, BNSF Railway Company Tuesday, March 13, 2012 4:15 pm - 5:30 pm

Participate in this candid, moderated discussion with SAP customers who will share best practices, lessons learned, and detailed techniques based on their experiences in establishing preventative policies and leveraging SAP BusinessObjects Access Control to stay violation free. Find out how leading organizations are working with their user communities to ...

Panel discussion: Redesigning security in Nu Skin International's mature multi-national SAP environment: Insights from iT2 and Nu Skin International

Add	David Bromlow, Dan McGrew, Lynne McGrew, Allan Sulgrove, iT2; Joel Erickson and Robert Gutierrez, Nu Skin International Thursday, March 15, 2012 10:15 am - 11:30 am

Ask your toughest security questions to expert consultants from iT2 and managers from Nu Skin International, and receive real-world tips and tricks for addressing security at various levels, including roles, policies, processes, procedures, and tools. Get best practices for ...

Resolve segregation of duties and access violations with a cost-effective, task-based approach to security

Add	Raymond Mastre, PricewaterhouseCoopers Tuesday, March 13, 2012 2:45 pm - 4:00 pm

Find out how to create a more sustainable security design to help reduce common authorization issues, such as excessive access and segregation of duties risk. Get techniques for analyzing your current security environment to help build ...

Steps for evaluating the health of your access risk management program

Add	Sonny Dasgupta, SAP Tuesday, March 13, 2012 10:30 am - 11:45 am

A fragmented, reactive approach to managing access risk isn't just inefficient and costly – it's bad for business. Do you know where your organization is and where it's going in the journey to ...

Strategies for closing the gap between access control and identity management processes

Add	Erin Hughes, SAP Friday, March 16, 2012 10:00 am - 11:15 am

Managing identities across the enterprise and managing access risk to business applications have historically been two separate processes for many organizations. Managing these as separate processes has led to ...

Strategies for ensuring business awareness, understanding, and ownership of security and controls

Add	Richard Hunt, Turnkey Consulting Thursday, March 15, 2012 2:30 pm - 3:45 pm

Learn how to design a successful SAP security and GRC strategy that not only meets the business's risk management requirements, but one that is also well understood and communicated to the business. Learn what steps to take to ensure ...

The 2012 guide to workflow configuration for SAP BusinessObjects Access Control 10.0

Add	Frank Rambo, SAP AG and Richard Calaba, SAP Labs Tuesday, March 13, 2012 2:45 pm - 4:00 pm

SAP BusinessObjects Access Control 10.0 uses the standard SAP Business Workflow for all approval processes in the application, including user access requests. Attend this session and learn how to ...

Tips for driving real financial value and savings through effective SAP security design

Add	Nathan Cummins, PricewaterhouseCoopers Wednesday, March 14, 2012 2:30 pm - 3:45 pm

Attend this session to learn how to construct a comprehensive SAP security design that is flexible, sustainable, and cost-effective to meet the ever-growing demands of your organization. Enhance your understanding of the four key components of an SAP security design, including ...

SAPinsider is published by Wellesley Information Services (WIS). More than 250,000 professionals worldwide rely annually on WIS products for expert strategies, instruction and best practices to optimize their IT investments. WIS products include SAPinsider, InsiderProfiles Magazine, SAP Experts Knowledgebases, SAP Press books, and SAPinsider Multimedia training.

This conference is open exclusively to SAP customers, and approved prospects and partners. GRC 2012 is conducted independently by WIS, publisher of SAPinsider with permission from SAP AG. WIS is not affiliated with SAP AG or any of the SAP AG group of companies. SAP, the SAP logo, and all other SAP products and services are trademarks or registered trademarks of SAP AG in Germany and other countries.