Quick navigation

Comsec Consulting BV

Comsec ERP Security Services

Improve the internal controls and security level of ERP systems

Website

Main Categories

Strategy and Planning

Compliance & Auditing

Policy Assessment and Development

Risk Assessment

Security Architecture Assessment

SAP User Transaction History

SAP Access Governance

SAP Compliance

Segregration of Duties

SAP Audit & Security

Security controls & Policy Compliance

Security Standards implementation

Data Loss Prevention - DLP

Data Leakage Prevention -DLP

Policy Based Access Control (PBAC)

Role Based Access Control (RBAC)

Attribute Based Access Control (ABAC)

SAP Governance (SAP GRC)

SAP Roles and Profiles

GRC Consulting / Governance, Risk & Compliance Consulting

ERP Security

Value Proposition

Problem

Segregation of Duties alone is no longer sufficient. For many years Segregation of Duties (SOD) was considered the one and only ERP security vulnerability. While SOD security is a must have for every organization, there are many other threats and vulnerabilities that need to be considered such as: Denial of Service, unsecure ABAP coding, broad access rights, weak access credentials etc.

Solution

Comsec provides a wide variety of Information Security services in order to improve the internal controls and security level of ERP systems. Our goal is to decrease the risks associated with an organization’s ERP system and to manage these risks efficiently whilst achieving the company’s business objectives

Main Activities

ERP Information Security Strategy, Architecture Design, Security Design, Security Policy and Procedures, Data Leakage Protection and Compliance with various standards and regulations
Information Security Controls Implementation in an ERP Environment, Security Development Lifecycle (SDLC), Authorization implementation and GRC tool implementation
Daily monitoring and maintenance of controls in order to guarantee a minimal level of exposure to security risks
Daily monitoring and maintenance of controls in order to guarantee a minimal level of exposure to security risks

Customers