1

© axl & trax, all rights reserved

the security company for SAP® environments

the security company for SAPSAPSAPSAP®

environments

2

© axl & trax, all rights reserved

the security company for SAP® environments

table of contentstable of contentstable of contentstable of contents

who we are

affiliations and partnerships

mission and principles

expertise

services and solutions portfolio

approach: efficiency and quality

an example of our servicesreview of the authorization concept

references of customers served

3

© axl & trax, all rights reserved

the security company for SAP® environments

who we arewho we arewho we arewho we are

fact sheetfact sheetfact sheetfact sheet

15 years expertise

consultant, adviser, trainer and keynote speaker

over 20 dedicated GRC, IAM, authorizations and security experts

more than 200 customers served

4

© axl & trax, all rights reserved

the security company for SAP® environments

affiliationsaffiliationsaffiliationsaffiliations partnershipspartnershipspartnershipspartnerships

affiliations and partnershipsaffiliations and partnershipsaffiliations and partnershipsaffiliations and partnerships

5

© axl & trax, all rights reserved

the security company for SAP® environments

we focus 100% on risk, security and internal controls

SAP security is our core business

we are the bridge between business and IT

combining theoretical with strong practical experience

utilizing sound knowledge of business processes and data flows

communicating IT security challenges in business language

our principles

security is a business issue – IT is a business enabler

think before you act

kiss – keep it stupidly simple

continuous expertise improvement (15 years) with expert-consultants certified in the areas of

auditing: CISA; CIA; …

security: CISM; CISSP; CGEIT; CRISC…

SAP, Isabel…

our mission and principlesour mission and principlesour mission and principlesour mission and principles

6

© axl & trax, all rights reserved

the security company for SAP® environments

c-range advisory

consultancy

audit and security

governance, risk & compliance

training

tailor-made solutions

biometric authentication

identity and access management

authorization concepts

roles building

workflow

security/risk content (SOD)

ABAP coding security

vulnerability assessment

payment flow security

process controls

quality assurance

licensing (cost control)

our expertiseour expertiseour expertiseour expertise

7

© axl & trax, all rights reserved

the security company for SAP® environments

pro

duct

s

GRCIsabel Corporate

Synchronizer

Systems SAPApplications

SAPABAP

Development

SAPInfrastructure Isabel

assess / improve / implement / monitorse

rvic

es

our services and solutions portfolioour services and solutions portfolioour services and solutions portfolioour services and solutions portfolio

access rights security,

process controls, workflow, PtP review, master data cleansing

coding security

strong authentication

perimeter security

banking services

8

© axl & trax, all rights reserved

the security company for SAP® environments

program /project management

roadmap approach

expert knowledge baseknowledge network

SOD matrices

template roles

…

methodology

best-of-breed tools

standards

tailored approach

“do not try to reinvent the wheel” “do not try to reinvent the wheel” “do not try to reinvent the wheel” “do not try to reinvent the wheel”

strategicstrategicstrategicstrategic

tacticaltacticaltacticaltactical

operationaloperationaloperationaloperational

our approach: efficience and qualityour approach: efficience and qualityour approach: efficience and qualityour approach: efficience and quality

9

© axl & trax, all rights reserved

the security company for SAP® environments

get a clear understanding on the :

quality of the authorization concept

are there any inconsistencies in the concept implementation ?

does the concept embrace properly the business requirements?

is the concept flexible enough for new roll outs and ease of maintenance ?

are the change process and procedures able to prevent concept erosion over time ?

access to (hidden) critical functionality, SAP backdoors, …

presence of (potential) SoD conflicts?

root causes of security issues

security gap between what is granted and what is executed

plan to reduce any weaknesses and to improve security

evaluate the value of the security investment

assess the effectiveness of monitoring

an example of our servicesan example of our servicesan example of our servicesan example of our services

review of the authorization concept

10

© axl & trax, all rights reserved

the security company for SAP® environments

references of customers served references of customers served references of customers served references of customers served ---- www.axlwww.axlwww.axlwww.axl----trax.com/about/referencestrax.com/about/referencestrax.com/about/referencestrax.com/about/references

11

© axl & trax, all rights reserved

the security company for SAP® environments

more info ?more info ?more info ?more info ?

contact one of our partners:contact one of our partners:contact one of our partners:contact one of our partners:johan.hermansjohan.hermansjohan.hermansjohan.hermanswouter.janssenwouter.janssenwouter.janssenwouter.janssenfrederic.lorandfrederic.lorandfrederic.lorandfrederic.lorand

@axl@axl@axl@axl----trax.comtrax.comtrax.comtrax.comor contact our office: or contact our office: or contact our office: or contact our office:

+32 16 311 000 +32 16 311 000 +32 16 311 000 +32 16 311 000 –––– info@axlinfo@axlinfo@axlinfo@axl----trax.comtrax.comtrax.comtrax.com

www.axlwww.axlwww.axlwww.axl----trax.comtrax.comtrax.comtrax.com