Jacobs Douwe Egberts SAP controls & compliance
Written by Meindert Keuning
BR1GHT was selected by Jacobs Douwe Egberts to support them to further optimise and professionalise their SAP Security & Compliance environment. Our BR1GHT expert has started to with his engagement in the middle of the COVID-19 pandemic, making it a challenge to become part of this fantastic organisation and get in contact with all colleagues. However, we succeeded and now is in control of all the SSC challenges. Thank you JDE for your trust in our capabilities!
JACOBS DOUWE EGBERTS (JDE) For more than 265 years, they have been inspired by the belief that it’s amazing what can happen over a cup of coffee. Today their coffee & tea portfolio is available in over 100 countries around the world through iconic household names including Jacobs, Tassimo, Moccona, Senseo, L’OR, Douwe Egberts, TiÓra, Super, Kenco, Pilao & Gevalia.
We have supported their group IT security & compliance function in managing the SAP identity & access management processes and systems. In more detail we supported JDE with the following projects:
Issue resolution & reporting
When we began there was no record if issues were actually resolved, no report on how long it takes to solve issues. We provided support to create more transparency over their issue logs, incident response. We did so by implementing governance structure and building a service management reporting process.
Segregation of duties (SoD) improvements
We have analyzed their SoD ruleset, remediate emerging issues from internal and external audits. This resulted in a new approach to improve the role access design approach and preparation for a role security improvement program.
SAP GRC system management
Overseen day-to-day grc application management support. Managed the project to upgrade GRC to version 12 for both Access Management and Process Control.
Improving the quality of the outsourced Identify and Access team
Coordinated the team, analyzed their performance, coached them into resolution management and Br1ght provided technical assistance.
Saviyint new IAM solution
Supported the new Identify and Access management process and system implementation by performing end user testing and guiding management through acceptation criteria.
Managing the external audit process
Follow-up on audit requests, guided the auditors through the Access Management processes and controls. Supported the IT audit and resolved emerging issues if they impacted the audit potentially.
Our initial engagement took place between end 2019 and mid 2020 and subsequent engagements to support JDE were continued until today (September 2021).
We are proud to work for JDE because it is such a strong brand and they stand for sustainable products, as we do. As of the start, the culture matched, where we both go for a challenge but with the right positive attitude and care.
According the Chief information security officer Willem Siebes the activities performed improved the IAM processes, security and compliance and set-up the organization for future business growth in a compliant & secure manner. BR1GHT has an expert team to support you with SAP security & compliance projects. It designs and executs role based access programs. It does so with their supporting technology partners such as SAP, Soterion, SecurityBridge and Security Weaver. Together with their offshore expert team it can execute projects timely and qualitative.