https://www.en.ispicio.com/blog daily 0.75 2020-05-29 https://www.en.ispicio.com/blog/business-processes-in-jira-part-1 monthly 0.5 2020-05-23 https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1590155633689-8CXZEY02VY0RZCXFEF4I/Business-Process-Jira.png Blog - 3 Reasons why to use Jira in Management Processes | Reason #1 https://www.en.ispicio.com/blog/its-as-grc-tool monthly 0.5 2020-05-15 https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1589533108957-3P06LF06IZN6AZD94V56/ICS_Dashboard_in_Jira.jpg Blog - Jira as GRC tool? https://www.en.ispicio.com/blog/category/IKS monthly 0.5 https://www.en.ispicio.com/blog/category/Compliance monthly 0.5 https://www.en.ispicio.com/blog/category/ICS monthly 0.5 https://www.en.ispicio.com/blog/category/GRC monthly 0.5 https://www.en.ispicio.com/blog/category/JIRA monthly 0.5 https://www.en.ispicio.com/download-grc-tools daily 0.75 2026-02-26 https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588834652370-7N4G6EXF7Z5A31AIUCMK/Download%2BISPICIO_S.png Download Audit & Compliance Tools - ISPICIO_S https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588835182022-GF0HINOGR3PCCNG8BG4R/Download_X_for_SAP.png Download Audit & Compliance Tools - ISPICIO_X https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588836636237-0OAL2T2ED3J0XGIBFV2O/Download%2BISPICIO_E.png Download Audit & Compliance Tools - ISPICIO_E https://www.en.ispicio.com/privacy-cookie-policy daily 0.75 2020-06-30 https://www.en.ispicio.com/contact daily 0.75 2020-07-20 https://www.en.ispicio.com/governance-risk-compliance daily 1.0 2024-06-10 https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588580419437-7LYR5H8CQEL2WNIH5DSR/ICS-Dashboard_Jira.jpg ISPICIO | Compliance Made Simple - Internal Control Systems with Jira Internal Control Systems (ICS) face numerous challenges: Risks must be recorded, assessed, approved and reported in a timely manner. Based on your Risk Assessment, a control environment must be designed and rolled-out. The controls in turn must be procured in time and evidences must be provided for internal and external audits. Find out, how Jira from Atlassian can help you achieve all your goals at low cost and in record time. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588580599860-WFRVXW279CL2KNSUO7KM/Jira-Customizing_aaS.jpg ISPICIO | Compliance Made Simple - Digital Transformation – Admins to Rent The implementation of new use cases or the integration of new company divisions in Jira in the course of the Digital Transformation comes along with short-term peaks for the Jira administration. For this reason, delays in implementation often occur – which is not very agile. We at ISPICIO assist you with countless blueprints from numerous completed projects. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588616035402-OGFBH8OYOO68UXNBYJK1/SAP_Emergency_Access_Dashboard.jpg ISPICIO | Compliance Made Simple - Emergency Access Management for SAP The use of Super User credentials in SAP FI environments represents a high risk, because they affect the correctness of your financial reporting. For this reason, tax authorities, legislators and (external) auditors pay close attention to direct accesses to productively used SAP systems. Learn more about our unconventional and cost-effective Emergency Access Management solution "ISPICIO_E" for managing, monitoring and reporting of your SAP emergency incidents. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588616122244-VCT4T5J15RBKD83P2495/Permissions_ITGC_SAP.jpg ISPICIO | Compliance Made Simple - Authorizations and ITGC in SAP systems The assignment of authorizations according to the need-to-know principle and the compliant operation of your SAP installations is a Herculean task. Our tools "ISPICIO_S" and "ISPICIO_X" help you audit and improve your SAP system landscape in regard to critical authorizations, segregation of duty conflicts (SOD), IT General Controls and much more. https://www.en.ispicio.com/agile-risk-control-management daily 0.75 2020-05-16 https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588617168792-X8XKROOZYS32UNHVJZLI/ICS-Dashboard_Jira.jpg Internal Control Systems with Jira - Internal Control Systems... Compliance with laws, regulations and policies demands Internal Control Systems (ICS) from many different perspectives: Financial ICS, Tax-CMS, Privacy Policies, SOX, ISO and many more. What they all have in common is that, based on a risk assessment, they require the implementation of a control environment and proof of its effectiveness. We at ISPICIO have developed an approach over many projects, which relies on the use of the standard software Jira from Atlassian for assuring operational effectiveness and efficiency. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1589207820832-ADKT8GL16ZPGE0SBRL0W/Jira_Swiss_Army_Knife.png Internal Control Systems with Jira - Jira vs. Dedicated Software Solutions There are numerous of dedicated software solutions for the Management of Internal Control Systems on the market. In most cases, they depict a single use case (e. g. Tax Compliance). And in general they work fine. But they have conceptual disadvantages: Every software must go through the entire procurement process. Both, the administration and the users have to be continuously trained on each system. Furthermore, for each software solution, an authorization concept must be implemented, a change management and backup process must be designed, documented and monitored. And if the software is integrated to other systems, all interfaces must also be implemented, documented and tested with every update. By using only one software solution, which ideally is already in use in the IT department, the above-mentioned points can be met either not at all or only once. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1589383579395-8GZT9LQRPAY00IN6CDPL/Agile_Internal_Control_Systems.png Internal Control Systems with Jira - Why ISPICIO? In recent years, we have successfully implemented many use cases in the compliance environment for our customers. These include Risk and Control Management (ICS), Identity Management Systems, SOX Management Testing, (Pre-) Compliance Audits and many more. We therefore have a large number of blueprints that only need to be adapted to your needs. This saves you time and money. Benefit from our concentrated expertise! We will be happy to advise you. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588617850207-1POSIXSL8MY5CLT16GJL/Rent_an_Admin.png Internal Control Systems with Jira - What we do and what we don't We offer you an end-to-end service in the Atlassian product stack. From the initial consultation and conceptual design all the way through the coordination with the departments and thee management, to the customizing and maintenance of your installation. User trainings and workshops (onsite and online) complete our offer. Please also read our "Admins to Rent" subpage. Not included in our scope of services are all content-related or legal questions. If desired, we can also draw on our partner network of well-known auditing companies and specialists who are very familiar with our approach from past projects. https://www.en.ispicio.com/rent-an-admin daily 0.75 2020-05-13 https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588618090537-QNCN5J0BFP9W55Z42IUD/SMART_Admins_to_Rent.jpg Digital Transformation – Admins to Rent - Customizing the Atlassian product family The Atlassian product portfolio is characterized by a high degree of integration combined with enormous scalability. Therefore Jira, Confluence & Co. are often the first choice for the Agile or Digital Transformation of companies. This applies in particular for the ability to depict a wide range of use cases in small number of software products. However – no advantages without disadvantages! The variability and the many setting options can result in a considerable customizing and documentation effort. Especially for compliance related use cases. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588618216174-P9CP6V45L5TC6EOISWS0/Customzing_Workflows_in_Jira.jpg Digital Transformation – Admins to Rent - The Atlassian Administration as a Bottleneck Implementation projects are usually characterised by a high work and resource load. If these capacities are not available, the project duration will be extended or the project will be delayed. However, this contradicts the desired agility and the demand for short time-to-market periods. Once the use cases have been implemented, rolled out and the "project" is completed, the customizing effort is usually reduced to a minimum. For this reason, it is usually not worthwhile to increase personnel in this area in the long term. In addition, in many cases it is not easily possible to create vacancies or find suitable specialists in the short run. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588618351289-UUPHY694XH7E3KS6DXBD/End-to-End_Support.jpg Digital Transformation – Admins to Rent - End-to-End Support We at ISPICIO support you in your digitisation projects with a holistic approach. From the requirement analyses, the conception, the actual customizing, the creation of the admin and end user documentation to the training of the users. In doing so, we take on the classic role of the business informatic consultants. We see ourselves as mediators between the department and the Atlassian administration. After the successful implementation of digitization projects, we hand over the Jira projects, Confluence Spaces etc. to your DevOp teams. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588838770915-Q3LHLCEYLRZSYOK0ZA6Y/Sprinter.png Digital Transformation – Admins to Rent - Our Experience and many Blueprints for a fast Implementation Why reinventing the wheel? In recent years, we have successfully implemented numerous digitization projects in the Atlassian product stack. Examples are Internal Control System, Risk Management System, SOX-compliant Contract Management, Software Catalog, Identity Management and many more. We have a large selection of blueprints and templates that we adapt to your needs. At the same time we attach great importance on compliance. This saves you time and money. Let us advise you free of charge! https://www.en.ispicio.com/authorizations-itgc daily 0.75 2020-05-13 https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588618721297-DGWA6QT8X7C7F5VY9DLR/IT_General_Controls_SAP.jpg Audit Authorizations and ITGC in SAP - Your Mission You are an auditor and want to check the compliance of a SAP system landscape efficiently and in a documented way. There are two main areas of interest here: One area of concern are the assignments of authorizations according to the need-to-know principle while ensuring the segregation-of-duty. And the other one is the compliant operation of the SAP installation itself - the IT General Controls (ITGC). The ITGC can be further subdivided into the areas "Access", "Change" and "Operations". This task is a challenge for one SAP system without any tools. In the case of multiple and distributed systems, this cannot be achieved without dedicated software. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588618802794-BR29XAFEO0Q80IEIJ90X/SAP-Tables_RFC.jpg Audit Authorizations and ITGC in SAP - Our Approach Our software ISPICIO_S is a lightweight but powerful desktop software that generates standardized reports based on SAP tables and checking rules. It enables you to download the required SAP tables via the RFC interface. The SAP raw tables can thus be stored in an audit-proof manner and the analyses performed can be traced at any time. Our checking rules in regard to authorizations (incl. SoD) and the SAP profile parameter can be maintained and extended easily and transparently in Excel. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588618910343-TSI2GEN845EBKQQZT5IO/SAP-Authorization_Check.jpg Audit Authorizations and ITGC in SAP - Key Benefits Our software is easy-to-use and supports you in many ways. In the course of authorization audits, ISPICIO_S analyses users and roles at authorization object level. ISPICIO_S is therefore ideal for role maintenance and user recertification. And with the possibility to maintain the checking rules in Excel by yourself, you can define custom SoD-conflicts and integrate custom developments (Z transactions). Another advantage of our approach is that nothing needs to be installed in SAP for data extraction. RFC read permissions suffice. And with our free ISPICIO_X, your clients or your administrators in remote areas can, for example, easily and comfortably perform the data extraction for you. We call this asynchronous use. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588619084630-JR1JI8X9RPA1OG1QY3Q1/ISPICIO_S_SAP-Audit-Software.jpg Audit Authorizations and ITGC in SAP - Interested? You would like to test our software and for 14 days free of charge? Simply contact us. We would be happy to arrange a free screensharing session (1 hour). https://www.en.ispicio.com/emergency-access-management daily 0.75 2020-05-13 https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588839187180-GPN2TNIZFSEOSUIA9MM7/EAM4SAP_First_Aid.jpg Emergency Access Management for SAP (EAM) - That's what it's all about Any direct access to the SAP production systems with superuser permissions represents a high risk. Fraud and unintended activities may result in financial loss or incorrect financial reporting with potential serious consequences. That is why they are under particular observation from auditors and tax authorities. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588663289991-LYXV3SMHI5E76W6GUDFI/SAP_Emergency_Access_Protocols.jpg Emergency Access Management for SAP (EAM) - Best practices A good emergency user concept assures that, a documented emergency access concept exists the Superuser credentials are secured against unauthorized access every Superuser deployments are logged any use of emergency user credentials is subject to an approval and notification process The review of every Emergency User operations is mandatory and documented https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588663396082-UV49JRTBGSIQEKO57FAG/Emergency_Access_Management.jpg Emergency Access Management for SAP (EAM) - A specialized software is crucial The traceability of each and every Emergency User operation with SAP standard functionalities is almost impossible (audit trail). This comprises the assignment of Superuser credentials itself, the protocoling of any actions (Security Audit Log) during the emergency access and ends with the review of all log files. When you have multiple instances and distributed clients, the centralized monitoring and reporting is also challenging. And, at the end you need to provide internal end external auditors with evidences. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588663484818-CO2IE5512J2RU0MLTI2V/SAP_Emergency_Access_Request.jpg Emergency Access Management for SAP (EAM) - A revolutionary concept – ISPICIO_E We came up with an unusual approach: Our Emergency Access Management software (EAM) is based on a web server application and connects to SAP via RFC. To start an emergency access, entitled users browse to ISPICIO_E (Intranet) and log-in with their individual credentials. Here they enter a reason and a ticket reference ID. After doing so, they obtain an one-time Superuser ID. In the background, ISPICIO_E creates a dedicated Emergency User and links it to the Security Audit Log (SAL). Then, ISPICIO_E checks continuously if the Superuser is still active. If not, ISPICIO_E deletes this particular Superuser again and downloads the SAL log file to the internal database. In the aftermath, a mandatory review of the Security Audit Log file is assigned to a reviewer for approval, which is documented, too. https://images.squarespace-cdn.com/content/v1/5ea7ce5420562b360aac097a/1588663582493-U1SQGMYHYZMRTDBO9LBU/SAP_Emergency_Access_Dashboard.jpg Emergency Access Management for SAP (EAM) - Key Benefits Our approach meets all the requirements for a compliant management of SAP Emergency Users and has many advantages: Installation and setup is straightforward: Rapid implementation, no specialists, no training is needed an unlimited number of SAP systems can be connected, regardless of their location and without additional license costs each and every emergency user incident, its protocols and reviews are stored centrally for monitoring, reporting and auditing Best of all: ISPICIO_E is reasonably priced https://www.en.ispicio.com/imprint daily 0.75 2024-09-02