SafePaaS reduces user provisioning time and mitigates segregation of duties risk in Oracle E Business Suite

Who is our client?

South African packaged goods company. Our client also has direct and indirect interests in international food businesses in Chile, Zimbabwe, Mozambique, Nigeria, Kenya and Cameroon. The company is Africa 's largest food manufacturing company.

What were their challenges?

The organisation was struggling with approximately 5000 erroneous payment requests each week worth $60 million. The business had a fragmented home-grown legacy system in place. They used manual control checks and had thousands of duplicate erroneous payments.

They were struggling with Segregation of Duties and requested SafePaaS define a Segregation of Duties matrix for the organisation. They also needed to identify and manage violations. Aside, the organisation didn’t have a robust user provisioning process in place and needed a solution for access provisioning. Another of their challenges was Access Control Monitoring. They needed to enable access requisitioning and approval via workflow. They were also struggling with emergency access management – they wanted to enable the process to manage Super User access provisioning and the logging of actions for audit purposes. They also needed to increase the external auditor ’s reliance on ERP Access Controls Monitoring.

Inability to configure access rules in terms of fine- grained privileges in the enterprise application security model. IAM focuses on “birthright” access for all user rights, whereas IGA requires risk management for enterprise access users with hundreds of privileges to sensitive data, transactions, and functions.

Lack of support for short-lived, just-in-time elevated access required for emergency support – privileged access management (PAM). The life cycle between regular access and privileges.

Access control monitoring: To enable access requisitioning and approval via workflow.

Emergency access management: To enable the process to manage Super User access provisioning and logging of actions for audit purposes. Increase external auditor’s reliance on ERP Access Controls Monitoring.

What was the solution?

SafePaaS AccessPaaS™ with FireFighter ID - Privileged Access Management

What were the results achieved using SafePaaS AccessPaaS™ solutions?

  • Reduce user provisioning time by identifying and eliminating 80% of manual steps.
  • Created access policies to ensure compliance during user provisioning process.
  • Lowered ERP total cost of ownership by reducing Segregation of Duties remediation time and costs by ensuring that all users are assigned only the pre-approved roles.
  • Improve Segregation of Duties and access controls testing time by providing auditors the access log reports showing all updated, reviewed and approved role design changes.
  • Accelerated ERP access approval time by identifying valid SOD conflicts before the roles are assigned to users.
  • Reduction of Segregation of Duties violations which in turn leads to a reduction to the exposure of fraud risk.

Privileged Access Management

Best Practices they implemented
  • Fine-grained identity governance is required to prevent security threats
  • Streamline operations to mitigate inherent risks in thousands of available privileges in enterprise applications
  • Improve SoD and Access Controls testing time by providing auditors the access log reports showing all update, review and approve role design changes
  • Discover privileged accounts on systems, devices and applications for subsequent management
  • Ensure attribution of activity within a privileged task to an authenticated individual


To see how SafePaaS can help your organization secure your Oracle E-Business Suite  environment schedule a demo here: