Onapsis - Continually Protecting the Intelligent Enterprise
Rating: 9 out of 10
IncentivizedUse Cases and Deployment Scope
Onapsis helps reduce regulatory compliance issues via an automated continuous compliance process for the IT controls related to regulations such as Sarbanes-Oxley (SOX), GDPR, PCI-DSS and others.
Eliminating this manual process improves the accuracy of results and frees up valuable resources to focus on other projects. We specifically are implementing the Onapsis Security Suite to continuously monitor, and alert us on any issues on the SAP systems.
Implementing the Onapsis Security Suite also eliminates rework on the year-end and month-end audits and helps in making the process faster, efficient and accurate, and in case there are violations in the compliances, Onapsis notifies the team via email regarding it.
Eliminating this manual process improves the accuracy of results and frees up valuable resources to focus on other projects. We specifically are implementing the Onapsis Security Suite to continuously monitor, and alert us on any issues on the SAP systems.
Implementing the Onapsis Security Suite also eliminates rework on the year-end and month-end audits and helps in making the process faster, efficient and accurate, and in case there are violations in the compliances, Onapsis notifies the team via email regarding it.
Pros
- Implement continuous compliance
- Gain efficiencies
- Reduced risk of non-compliance
- Define specific audit policies
- More accurate audits
Cons
- Multiple UIs
- No proper customization of UI log-off
- Tedious setup of Control component
- No proper error messages received
Likelihood to Recommend
Onapsis is divided into 4 major components,
In comply, it provides a governance on the various regulatory compliances which the firm has to follow, as well as provides a firm grip to the audit and ERP admin team.
In control, it enables a workflow of 15 pre-defined parameter values within the SAP system and helps monitor, and track the changes made to those parameters. The capabilities are to either block, or request for an approval for changes made to those parameters in addition to just monitoring them.
In defend, it goes through the SAP logs; and compares it with a pre-defined ruleset to alert the end-users via email or SIEM tool or both.
- Assess
- Comply
- Defend
- Control
In comply, it provides a governance on the various regulatory compliances which the firm has to follow, as well as provides a firm grip to the audit and ERP admin team.
In control, it enables a workflow of 15 pre-defined parameter values within the SAP system and helps monitor, and track the changes made to those parameters. The capabilities are to either block, or request for an approval for changes made to those parameters in addition to just monitoring them.
In defend, it goes through the SAP logs; and compares it with a pre-defined ruleset to alert the end-users via email or SIEM tool or both.