IT managers must not only ensure that systems run smoothly, they must also keep a close eye on data security and confidentiality, particularly when it comes to change requests. TransportManager enables critical SAP objects, such as reports containing employee and personal data, to be managed individually via a controlled, documented process. The solution can be used to effectively model defined security rules and procedures – TransportManager automatically requests authorization from relevant decision-makers before distributing software changes to the SAP system. Throughout this process, the solution creates detailed logs of all activities. Sophisticated authorization capabilities ensure that all modifications to SAP systems have a precise, verifiable audit trail.
The Project
TransportManager has already played a key role in ensuring that scores of SAP solutions can be reliably audited. Thomas Göttmann, an independent consultant for internal auditing and co-author of the SAP Audit Guidelines, is a firm advocate of TransportManager: “The solution is ideal for companies wishing to efficiently and reliably manage often very complex change management processes in SAP R/3 environments.”
One of TransportManager’s key features is that it allows businesses to shield software development from financialaccounting processes. When a new version of an application is published, the user department is directly involved in the authorization process for the new SAP objects. TransportManager also logs every step of the workflow, including actions that deviate from standard procedure. The resulting log files can be viewed using standard SAP transactions. In other words, TransportManager can be employed to make IT systems audit-ready and give administrators absolute confidence that their processes satisfy all risk management needs. This is an important step on the road to compliance with the Sarbanes-Oxley Act (SOA), and to comprehensive and transparent financial reporting.