JDE IDENTITY, ACCESS, AND RISK MANAGEMENT
  • Home
  • Services
    • Identity Management
    • Access Management
    • Risk Management
  • About ESC
    • Philosophy
    • Mission
  • Contact Us
    • Contact us

Risk Management

Risk Management

Risk management is not a one-time effort, but a continuous process.  There are many companies in the JDE space that will provide security assessments or audits and offer plans to remediate, but once the project is over, their work is done.  However, YOUR work is not done.  You need a partner that will start at the beginning with identification, analysis and assessment of the risks before you get to the point of planning the remediation efforts.  Even when the remediation is complete, you need to then review the results, and start the process again.

Risk Management
​

Identify
Create or review the risks to JD Edwards in Application access as well as in infrastructure access.  Create or review Segregation of Duties definitions for access within JD Edwards as well as access across ERP systems or processes.  Areas to be reviewed:
Access to critical programs within JDE (Next numbers, AAIs, bank accounts etc)
SysAdmin level access within JDE
Access to critical programs where data is interfaced into JDE (Hyperion, AP scanning solutions etc)
Systems infrastructure access with admin level privileges
            E920 share
            Media objects (if not in the DB)
            Enterprise/application/JAS/DB servers
Analyze and Assess
Rate and prioritize identified risks
            Financial or Operational
Determine business impact and likelihood of the risks
            Risk Matrix
 
Control
Develop a risk remediation plan
            Role Based Access Control to segregate duties
Determine what cannot be remediated and develop a mitigation strategy
Implement remediation and mitigation plans
Be sure to include testing and validation of the mitigation strategy
Review
Schedule and perform periodic reviews of identified risks, controls, and mitigations.  




ERP Solutions Consulting, Inc.
+1 (720) 235-8324

info@erpsolutionsconsulting.com
Powered by Create your own unique website with customizable templates.
  • Home
  • Services
    • Identity Management
    • Access Management
    • Risk Management
  • About ESC
    • Philosophy
    • Mission
  • Contact Us
    • Contact us