Corporate wide SoD Compliance Monitoring at Flex
|Name of Customer||Flex (formerly know as Flextronics)|
|Headquarters||San Jose, CA, United States|
|Customer Industry||Sketch-to-Scale Solutions Company|
Flex (formerly known as Flextronics International Ltd. or Flextronics) is a leading Sketch-to-Scale™ solutions company that designs and builds intelligent products for a connected world. With approximately 200,000 professionals across 40 countries and a promise to help the world Live Smarter™, the Company provides innovative design, engineering, manufacturing, real-time supply chain insight and logistics services to companies of all sizes in various industries and end-markets.
Flex has to comply with many laws and regulations, amongst these the compliance requirement to ensure that no violation of Segregation of Duties exists within their 21.000 plus users of Baan / Infor ERP LN. To demonstrate this compliance, Flex had implemented a complex Excel based process. It was difficult to develop and even more difficult to maintain. This process had to be automated to ensure consistency and prevent human errors.
Flex also wanted to set up an automated Periodic Access Review, in order to validate access granted, on a quarterly basis. Finally, Flex required weekly reports of conflicts, to track progress and identify trends.
A business case was developed to investigate whether to build-or-buy would be the right choice. Given the complex application landscape, developing a custom solution would have allowed Flex to get all their requirements fulfilled. Turn-key solutions available in the market were also investigated. Eventually, Flex selected Dynaflow Solutions. Primarily because EZ-Compliance fulfilled the “must-have” requirements, in addition to providing the flexibility to enhance the software to support Flex specific needs. Santhosh Srinivasan, Senior Director of IT Services & IT Compliance, adds: “Dynaflow gave us the best of both worlds. A turn-key, stable and feature rich solution for us to quickly deliver essential reports, in addition to being responsive and flexible to develop or enhance functionality upon our request”.
EZ-Compliance supports a fully automated process, in which data from Baan / Infor ERP LN is analyzed, conflicts are identified and assigned to responsible Conflict Owners in the organization. These Conflict Owners are then facilitated to investigate and resolve the conflicts. All of these actions are monitored and available as evidence for auditing purposes.
Flex choose to deploy EZ-Compliance on premise. First a number of workshops were conducted to identify quick wins from out-of-the-box available functions, and to determine what enhancements would be desired in later steps. The implementation was done in a very short timeframe, since EZ-Compliance was able to use existing authorization imports from Baan / ERP LN.
Flex also deployed EZ-Dashboard to facilitate reporting of KPI’s, related to the operational ERP users as well as IT Support users.
After the project, the following benefits were realized:
- Elimination of Excel and E-mail based manual processes;
- Centralized (corporate wide) monitoring of SoD compliance, allowing to achieving labor efficiencies, and easier implementation of central guidelines;
- Fully automated process, preventing human errors and ensuring consistency;
- Ability to report KPI’s with better insight in trends and overall status, enabling better decision making;
- Ability to add additional applications for SoD Monitoring