By Fred Donovan, Senior Editor, SAPinsider
In 2018, HP Inc. launched a strategic effort with three goals in mind: Make it easier for its customers to do business with the company, improve its internal processes for employees, and gain a competitive advantage. Migrating to SAP S/4HANA was selected as the way to simplify its sprawling corporate systems. A key component of the migration has been ensuring compliance with internal rules and external regulations, such as the Sarbanes-Oxley Act (SOX) and various data privacy laws.
As part of its transformation, HP set up a new governance, risk, and compliance (GRC) system, including rethinking its user access processes and segregation of duties (SoD) ruleset. In the past HP relied on a homegrown tool for access control but implemented SAP Access Control and SAP Process Control as a component of its SAP S/4HANA migration.
HP also took advantage of SAP Process Control’s continuous control monitoring tools. “We use the tools to monitor our application controls, benchmark and monitor for change, and improve efficiency. It made our IT general controls easy by consolidating data from our legacy systems into one view,” explains Carrie Gilstrap, IT Audit Manager, HP. The company is still in the process of rolling out SAP S/4HANA to all its business units and regions, a process that Gilstrap expects to be completed in 2021.
Watch this video and learn:
- How HP ensured compliance with internal rules and external regulations while migrating to SAP S/4HANA.
- How the computer maker used SAP Process Control’s continuous control monitoring tools to monitor its application controls, benchmark and monitor for change, and improve efficiency.
- The importance of implementing continuous control monitoring to prioritize control activities, ensure GRC information is up to date, and achieve compliance at a lower cost.
Read the full story here.
MEET THE EXPERTS
Carrie is an experienced IT Audit Manager with 20+ years of experience in the information technology and services industry. She is skilled in Business Process, Internal Audit, SAP, GRC, SOX Compliance, Operational IT Audits, Continuous Auditing and Audit Tools development. CISA certified and holds an MBA (focused in Organizational Leadership) from Santa Clara University.