Customer identifies and remediates segregation of duties violations before they occur

Industrial vehicle parts supplier eliminates 80% of their manual processes and saves $50,000

Customer Profile

The customer is a leading global supplier of drivetrain, mobility, braking, aftermarket, and electric powertrain solutions for the commercial vehicle and industrial markets. With more than a 110-year legacy of providing innovative products that offer superior performance, efficiency, and reliability, the company serves commercial truck, trailer, off-highway, defense, specialty, and aftermarket customers worldwide. The customer is based in Michigan and employs more than 8,600 employees in manufacturing facilities, engineering centers, joint ventures, and distribution centers in 19 countries.

Challenges

As a multinational corporation with thousands of employees, the customer managed a complex I.T. framework. This framework included using five different ERPs for user provisioning and Segregation of Duties controls. The customer was facing challenges provisioning users on five applications. They wanted the ability to monitor users once they were granted access to the applications. Additionally, the customer faced obstacles in employing a shared services model while maintaining consistent ERP access roles across its subsidiaries.

SafePaaS Solution

To address their specific access and monitoring needs, the customer deployed several SafePaaS solutions: Roles Manager™, Access Monitor™, Policy Manager™, and iAccess™.

Roles Manager is an application security design solution containing a pre-configured catalog of roles that comply with access policies for Segregation of Duty (SOD) and restrictive data access. The customer could use this solution to view existing role templates and design new roles by quickly selecting or deselecting role configurations. Once the customer designed their roles using workflows, they could send the roles to pre-assigned reviewers and approvers to finalize them. The role preparers, reviewers, and approvers also could assess the SOD control risks before finalizing the roles. 

Using Policy Manager, the customer could monitor users and role assignments that violate one or more of their access and Segregation of Duties policies defined in their system. Policy Manager can mark false positives and compensating controls as exceptions while analyzing and remediating access risk using corrective action workflows. This further simplified the customer's auditing process.

Access Monitor allowed the customer to automate their quarterly user access review and verification service process with notifications to each department manager, application owner, and process owner. With Access Monitor, leaders could review active users and the privileges assigned to those users. They could also detect and prevent any unauthorized user access rights and quickly correct any conflicts. Access Monitor also provides the customer with a comprehensive report of the review and verification process to support the effectiveness of their user access controls.

iAccess is a self-service automated provisioning solution. This solution enabled the customer to ensure that all user provisioning requests proceed according to their Segregation of Duties and Restrictive Access policies. The customer can now safeguard their systems against fraud and maintain an audit trail compliant with Sarbanes-Oxley, the U.S. Office of Management and Budget Circular A-123, Bill 198 in Canada, and the U.K. Bribery Law.

Results

  • Using SafePaaS, the customer eliminated 80% of their manual access management and audit processes, saving over $50,000 in annual audit and remediation costs.

  • They could catch segregation of duties violations at the front end of the provisioning process before the user was given access.

  • The customer lowered their total cost of ownership by reducing the headcount needed to manage the provisioning process on all of their different systems.

  • Testing time for Segregation of Duties and access controls improved, and all workflow approvals were tracked and validated.

  • ERP access time was accelerated, and Segregation of Duties violations were identified before access was granted.

Conclusion 

SafePaaS solutions gave the customer the ability to analyze their SoD conflicts and easily review user access within their dynamic multi-ERP environment to ensure the proper level of access was granted quickly.
