Setting the Course for Future SAP SoD Compliance at GATX Rail Europe
From road to rail: more and more companies want fast and, above all, sustainable transport of their valuable goods or raw materials. With GATX Rail Europe, they have a partner at their side who fulfills precisely this wish.
As one of Europe’s leading fullservice freight car rental companies, GATX Rail Europe serves more than 220 customers from a wide range of industries and provides them with a fleet of more than 26,000 tank and freight cars. This is how the company is getting the future of logistics rolling.
SOX compliance is of outstanding importance to us. Accordingly, it was important for us to have a partner with expertise in complex GRC and risk management projects. Turnkey Consulting provided us with excellent advice and always found the right solution, even for complex requirements."
— Christian Beis, Head of IT Europe
Challenge
Companies are living organisms. They are born, they develop their own character, and only when all the links mesh perfectly healthy growth is possible. Companies that have recognized this rely on cleanly structured SAP authorization concepts and clear role administration. This was also the case at GATX Rail Europe.
The company was looking for a specialist to develop cross-divisional concepts for general authorisation standards and SOX compliance as part of an SAP migration.
The goal:
Identifying, resolving and effectively preventing functional separation conflicts, all of which were exciting challenges that we were happy to take on.
Solution
From the department to the team to the individual employee: Different responsibilities and authorizations exist in every company. If these are not clearly separated from one another, the company exposes itself to high risks.
Inefficient processes are the least of the problems. Theft of sensitive customer data or manipulation of company accounts are also possible consequences.
It is important that companies carry out regular SAP Authorisation reviews. GATX Rail Europe understood this and commissioned us to analyse and optimise the SAP authorization concept.
This enabled us not only to identify existing functional separation conflicts, but also to close gaps in the existing authorization concept.
This was made possible by our experts’ experience in adapting various SOX requirements to the customer’s individual needs.
The “Golden Rule Book” specially developed by Turnkey, which we can use to check the GATX systems for potential conflicts, was also an important success factor in finding a quick and, above all, sustainable solution.
“
In just three weeks, Turnkey identified existing role conflicts and developed a strategy for minimizing future risks in our company. A result that thrilled us, especially with regard to the tight schedule.”
— Christian Beis, Head of IT Europe
Benefits
Efficiency: Turnkey offers its customers a unique combination of audit and business process know-how as well as a deep understanding of the interaction between the individual business departments and IT. As a result, the project was successfully completed even within the tight timeframe.
Security: Thanks to our consulting services, GATX Rail Europe has been able to significantly reduce internal risks and is thus optimally prepared for audits and inspections.
.png)
.jpg)
