Business & finance controls optimisation


Value propositions controls optimisation

COO (business controls), CFO (finance controls), CIO, Tax & Legal

Your questions & Needs

  • You are facing security and compliance issues in your ERP / SAP systems.
  • Your cost of staying in control are too high due to manual work (IT controls are not automated and/or continuously monitored).
  • Your IT Management processes are not set up effectively and (IT general) controls are not effectively designed and implemented IT.
  • You want to lower the costs and increase effectiveness through optimisation and automation.
  • You need to initiate a large transformation, IT or ERP program but do not know where to start and how to control and govern.
  • You need to align your business and IT strategy and organise your IT partners, IT operations and Maintenance and /or need an independent view on IT partners and technology.

Technology, specialist consulting & managed services

Our solutions to bring value

Our propositions focus on strategy, structure, processes, people, and technology to optimise our client’s business & finance controls.

Strategy and structure. Our strategic consulting include workshops and coaching sessions to help you define what you need to do to have your controls operating effective, resulting in a concrete business case and program. We also offer consulting services to define integrated governance and structures, including lines of defense, stakeholder alignment, and communication.

You can choose to co-source or fully outsource your internal control function, with flexible Dutch and English-speaking controls testing staff available at your location, out of our service centers, or in a hybrid arrangement that can help reduce costs by up to 30%, while providing the flexibility to up- and downscale as needed to ensure resource availability.

Operational processes. Our hands-on controls consulting propositions help you describe functional controls requirements and automate controls. We have high-quality controls experts in specialist areas, regulations, and topics such as export controls, ESG, SOx, FDA, vendor risks, processes, and IT. We also offer controls effectiveness audits on any controls area or topic.

Our people & change propositions include training on control automation and continuous improvement, as well as ad-interim controls directors and specialists. We provide controls best practices, frameworks, and content, which are often readily available in our technology. We assess, improve or manage all your change programs.

We use of implement technology to assess processes (process mining and data-analytics) and to optimize your controls. We select and implement technology to improve controls design and document operating effectiveness. We automate controls to improve the quality and lower the costs of controls testing, including SAP authorizations, security, and data management. We also can implement continuous (controls) monitoring applications to improve preventing controls. All technology implementations are done in an agile way, in-time, and for fixed-prices. 

 Our controls optimisation solutions

Continuous controls monitoring (CCM)

  • Automated testing of controls (both transaction and parameters).
  • Preventive and detective.
  • One (1) central (cloud-based) risk & controls repository.
  • Automated response workflow and notification.
  • Monitoring  hundreds off the shelf standard controls.
  • Connect to any application in your (hybrid) environment.
  • Standard API’s to off-shelf products.
  • Tailored API’s to self-made software solutions.

Zero trust (authorisations)

  • Access orchestration to support becoming Zero Trust.
  • Surfacing violations and taking action to prevent loss.
  • Manage all aspects of access governance in a single platform.
  • User provisioning, temporary elevation, ongoing user access reviews, internal control testing, transaction monitoring, and audit preparation.

SOx controls automations

  • Support to become SOx-proof. We manage all aspects of SOx projects including content provisioning.
  • Managed Sarbanes-Oxley compliance testing and reporting to safe time and costs.
  • Improve and automate SOx-controls.

Continuous process mining & reconciliation

  • Gain insight in your processes and improvement potential.
  • Monitor process performance and control via dashboarding.
  • Monitor margins, prevent revenue leakage and signal incorrect transactions (such as payments) on a transactional level.
  • Gain insights into financial results by automating the validation process.
  • Real-time, data-driven control and closed-loop management of revenue streams.

Continuous dialogue (dashboarding)

  • Single environment to monitor business performance and the status of your controls.
  • Integrated (combined) assurance linking all lines of defences together into one single dashboard (internal usages).
  • Direct & continuous insight in performance and control(s) for all stakeholders to realise trust between business partners (external usages).
  • Voluntarily oversight (one real-time) dashboard between auditor and auditee.

Your value

Happy staff

  • We focus on your repetitive work,
  • Provide staff availability and flexibility (up- and downgrading).
  • Resulting in increased job satisfaction for your staff.
  • High staff retention.
  • Focused knowledge transfer.

Increase effectiveness

  • Technology forces effective and efficient process execution.
  • Experience experts for strategic and operational (hands-on) advise.
  • Effectiveness, efficiency and quality improvement is included in our managed services.

Reliability & trust

  • We meet your objectives and requirements.
  • Our repository of automated controls and application security provides reliability.
  • Reliability and continuous insight for all stakeholders creates transparency and trust.

Cost efficient savings

  • Efficient process execution with technology and well-educated staff.
  • One-time-right quality consulting (less hours, higher value) at competitive prices.
  • Managed services reduce 30% costs (compared to European standards).

High Quality

  • With our technology resulting in high quality process execution.
  • Best in class consulting including content (frameworks).
  • Embedding new way-of-working (make it stick).
  • High quality managed services seamlessly integrated in your process.

Added value

  • We make you best-in-class for you to add value.
  • Full project support.
  • Building your capabilities to continuously improvement.
  • Quality assurance over the transition is included in our managed services.

Client Experiences controls optimisation

continuous controls monitoring over 100+ applications, including standard SAP, Oracle, Peoplesoft, Workday, etc, as well as you tailored made applications

integrate everything with 180 standard API’s

integrate businesses with service billing solutions, managed implementation with continuous controls monitoring platform

 Full project and change management

continuously monitor from development to operation cloud based with over 500 standard controls

Continuous controls monitoring

Continuous Controls Monitoring

Pathlock’s soltions provide a full range of leading technology to manually dispatch controls execution for compliance purposes (SOx), automate all process controls and authorisations with a cloud based continuous controls solutions with over 400 standard controls and 180 plus interfaces to all relevant applications and tooling. Their access orchestration solution provides full zero trust.

Process Mining and monitoring

The Software AG solutions provide our clients with the standard in process analytics and process management. With the aim to connect everything with everything Software AG is leading in the Internet of Things (self service platform) and application integration area providing management with real-time insights and business information in the new world of hyperautomation. See, decide and act with Software AG. 

Process reconciliation and controls monitoring

For self made applications non standard, we provide end-to-end controls insight, monitoring and reporting meeting your stakeholders and accountant’s requirements. Actuals IO is a Dutch company with many local Dutch clients facing reconciliation issues in their financial systems.

Continuous Testing

First-time-right software development for complex, business critical software solutions with a high rate of change. With the Axini platform and the BR1GHT/Axini approach you can optimize your development process for specification, AI-based automated test generation and real-time automated analytics and flagging. Best low-code modeling and model-based, no-code test automation when you need to be 100% fault proof.

Continuous Dialogue

Choose the best course of action based on what the data tells you. CCH Tagetik powered by the Analytic Information Hub brings together diverse, granular data to give you visibility into the impacts of operational change on financial performance. You can analyse performance and take action by performing what-if analysis and visualising real-time trends on graphic dashboards. Get the right answers quickly with CCH Tagetik SmartInsight dynamic ad-hoc reporting and on-the-fly analysis.

Pathlock continuous controls monitoring

You need to be the best in class with your controls because:

  • the highest (SOx, FDA,..) compliance regimes apply,
  • there is no room for control issues,
  • you are experiencing controls issues,
  • your business is fully integrated with partners (eg, industry 4.0),
  • your application landscape is complex, diverse, and everywhere,
  • changes in your environments are constant,
  • you have multiple applications across many different countries and need to harmonize controls execution,
  • you cannot provide adequate assurance over your controls,
  • you are aiming for process excellence with hyperautomation,
  • you are on a journey for zero trust, and
  • you need to reduce the cost of controls?

We offer worlds most sophisticated single-platform CCM (Continuous Controls Monitoring) solution providing controls automation over standard 180 plus applications, tools and processes across your IT ecosystem. Our solution comes out-of-the box with 400 key ‘continuously monitored’ controls.

Pathlock’s soltions provide a full range of leading technology to manually dispatch controls execution for compliance purposes (SOx), automate all process controls and authorisations with a cloud based continuous controls solutions with over 400 standard controls and 180 plus interfaces to all relevant applications and tooling. Their access orchestration solution provides full zero trust.


Zero trust (authorisations)

SOx controls automation

Continuous process mining & reconciliation

Process mining

Continuous dialogue (dashboarding)

Controls optimisation news

BR1GHT implemented ING’s compliance monitoring system

BR1GHT implemented ING’s compliance monitoring system

In September 2020, the Compliance Quality Assurance (CQA) department was established within ING. This department, even more than its predecessors, had the need to conduct thematic or process-oriented compliance reviews. Since the audit function uses TeamMate, and the...

read more
BR1GHT @GRC conference Stockholm 26 June 2023

BR1GHT @GRC conference Stockholm 26 June 2023

BR1GHT will join one of Europe's biggest conferences on GRC on the 26'th of June 2023. BR1GHT is a global technology solution provider for all the GRC functions within a company; from first line business & finance controls, IT controls & security, GRC &...

read more
Job – SAP security and compliance specialist

Job – SAP security and compliance specialist

We are currently looking for new team members for the following position. English version SAP security & compliance specialist - The Netherlands   Would you like to help customers in implementing state-of-the-art SAP security & compliance (SSC) and...

read more
Job – Technology consultant The Netherlands

Job – Technology consultant The Netherlands

We are currently looking for new team members for the following position. English version Technology consultant - The Netherlands   Would you like to help customers realize their digital transformation? Is it your passion to select and implement new technologies...

read more


Vision paper

The digital transformation is reshaping organisations with an increasing pace. Digital solutions using RPA, IoT and mobile are being implemented in the business to save costs, improve business processes or to build client intimacy. But what are the risks of these new digital solutions, how do you control them and what does digital mean for your control environment? In a series of publications, we will dive deeper into these questions and take you with us in our Digital Control journey Towards Continuous Monitoring.

In this publication you will read all about:

  • What are the risks of new digital solutions, such as RPA, ML, IA,
  • The need to continuous monitoring,
  • Wat is continuous monitoring,
  • How 2’nd and 3’rd Lines of Defence can use continuous monitoring,
  • How to use continuous monitoring to provide assurance,
  • Upskilling risk and internal audit specialists.

If you would like to know more about continuous monitoring, please contact us. We can provide you with concrete examples of implementations.

BR1GHT publication Vision on Digital Control Towards Continuous Monitoring

[contact-form-7 id=”237587″ title=”Contact form 1″]

Proposition paper

When you are aiming high with your SAP and other application ambitions, it is important that the fundament is strong. A lived through strategy, a solid plan, experienced and well-motivated people, partners with in-depth SAP knowledge, the right technology, and a strong security and compliance basis. We add value making your SAP environment continuously secure & compliant. Whatever you ambition or context is, we have the right technology and people to realise all your objectives in a controlled manner.

A company’s application landscape is often complex by design and is becoming more and more complex with multiple SAP environments and or SAP solutions (ECC, S4HANA, Concur, SuccessFactors, Ariba, Fieldglass), all working together with other non-SAP best-of-breed solutions. On premises, in the cloud or as combination of both. The context is often not stable, with increasing demands and an ever-increasing pace of change. Our SAP security & compliance proposition covers every angle of your SAP risks in both a ‘SAP-only’ environment and a diverse complex application environment.

Whatever your ambition and whatever your context is, we will add significant value. Our high quality, flexible solutions aim to protect your SAP assets, audit, and improve your SAP security & compliance, lower the cost of control, help you identify benefits in applications and processes, or enable you to realise efficiency gains in your operations and change programmes. We implement our technology on-premises or in the cloud and can deliver our value “a managed service” out of our remote locations.

Want to learn more?

Find out what our controls optimisation propositions can mean for you.

Please contact us if we made you curious.

Thank you so much for you interest in us!