Continuous Monitoring and Auditing for SAP

SenSage is SAP CertifiedSAP customers face a number of data management challenges for Continuous Controls Monitoring and SAP User Activity Monitoring. An enterprise scale solution is essential to maintain the huge volumes of data necessary to monitor and audit SAP controls, privileged user activity, and to detect transaction fraud, anomalies, and trends. Specific requirements include the ability to:

  • Ensure ERP controls are working as intended
  • Monitor transaction fraud, duplicate payments, SOD violations, and master data
  • Provide deep visibility into user activity
  • Adhere to multiple regulations: SOX, PCI DSS, HIPAA, NISPOM, FISMA, etc.
  • Manage & analyze large volumes of SAP events over long time frames
  • Support highly customized business processes
  • Monitor transactions across ERPs, custom apps, IT systems and infrastructure, etc.

Read the SenSage/SAP Security and GRC Press Release

SenSage Continuous Monitoring and Auditing for SAP automates and enables a 360° view of SAP user activity, and uniquely does so without the need to maintain audit logs within the SAP system. SenSage installs quickly and provides the 360° view both within the SAP environment and across the entire IT infrastructure and systems. Management, internal auditors, security and compliance professionals use SenSage to detect fraudulent behavior such as failed or fraudulent transactions, failing controls, SOD violations or overrides, profile changes enabling unauthorized access to transactions, locked accounts, or unauthorized changes to master data files through exception-based alerts and reporting.

Together, SAP & SenSage safeguard critical enterprise assets and processes. With SenSage Continuous Monitoring and Auditing for SAP, organizations can:

  • Enable continuous monitoring to prevent transaction failures and fraud (e.g. identify duplicate payments)
  • Maintain a single view of transactions across multiple instances of the same ERP, and instances of different ERPs and custom financial applications
  • Correlate user activity within SAP to activity outside SAP such as access to databases, unstructured data files on the network, systems, applications, and eMail
  • Monitor changes to master data tables
  • Jumpstart deployments with pre-packaged analytics, and implement custom analytics to complete the control framework
  • Perform ad-hoc forensic investigations
  • Conduct real-time analysis and response for subsets of applicable transactions
  • Maintain and query years of data for historical trend analysis and to meet audit requirements
User Activity Auditing for SAP