Policy Management

Detects access policy violations to control financial, operational, fraud, and cyber risks. Define policies in terms of risk descriptions, impact, likelihood, and fine-grained rules that constitute discrete and fuzzy logic in terms of IT system security entitlements and privileges for governance models such as Segregation of Duties, Sensitive Access, Data Protection, and Trade Secrets.

Eliminate false-positive filters to improve risk analysis and response. A high-performance policy engine rapidly analyzes millions of security attribute combinations and permutations across all enterprise IT systems and ERPs and business application security snapshots to report violations. Violation Manager eliminates exceptions where risk is accepted with compensating controls, using advanced filters. Remediation Manager issues corrective actions using closed-loop workflows that expedite risk response, reduce risk exposure and automatically update violations reports to ensure audit evidence is accurate and timely.

SafePaaS enables your Compliance, Risk and IT teams to:

SafePaaS Segregation of Duties Policy Manager employs a rules management engine, to scan user access using the security structure of your ERP system. Policy Manager identifies users and their role assignments that violate one or more Segregation of Duties policies. Violation results are stored in a database which is accessed using analytics in Policy Manager. Download test results and corresponding remediation plans in Excel, Word, Acrobat and other common formats to assure management and auditors that your business systems fully comply with Segregation of Duties policies.