DXP Mitigated Compliance Risks by Automating SoD Conflict Management
Customer Profile
Name of Customer | DXP Enterprises, Inc. |
Headquarters | Houston, TX |
Customer Industry | Distribution Management |
Web address | https://www.dxpe.com |
Business Requirements
DXP Enterprises is a publicly traded professional distribution management company that provides products and services to a variety of industries through its Innovative Pumping Solutions (IPS), Supply Chain Services and MROP Products and Services.
DXP reported (2019) more than 1.2b in revenue, employing about 2.700 people in North America. To comply with SOX legislation, Segregation of Duties needed to be managed carefully for the deployed Syteline instances. Given the number of users and the additions and changes in security roles, manual processing in Excel would be a laborious and error prone exercise.
Solution
DXP analyzed different GRC/SoD solutions, based on a set of requirements, and evaluated the outcomes. The outcome of the selection process was a clear choice for Dynaflow Compliance, based on how Dynaflow relates to security access and SOD conflicts. Dynaflows’ experience and track-record with Infor Syteline and the pre-defined Conflict Rule library was another big factor in this decision.
Implementation
Dynaflow implemented Compliance turnkey and thus made the implementation very simple for DXP. They worked with the DXP project team to setup the connection between Syteline and Compliance, to automate the SoD conflict identification. Compliance setup and configuration was combined with personalized training to utilize and manage Compliance. Finally, together with financial and subject experts, the SoD Conflict Rule Library was tuned to reflect DXP process- and organizational requirements.
Benefits
After the short implementation and setting up the Conflict Rule Library, the User (granted) Access was loaded, and the SoD Conflicts were presented in a dashboard. This was the starting point to refine the security groups to resolve and/or mitigate SoD Conflicts. Compliance is used on an ongoing basis to monitor and maintain compliance, while changing and adding security groups. Finally, DXP mentioned that Dynaflow provides excellent product support and customer service.