ERP Security Assessments

Backbone Consultants has the knowledge and perspective necessary to effectively, efficiently and affordably perform ERP Security Assessments. As your ERP landscape expands inside and outside of your organization, it has increasingly become a target for cyberattacks and abuse. The risk of this growth is multiplied by the dearth of skilled security analysts. Partnering with Backbone will free up in-house staff allowing your internal teams to perform more strategic work enhancing your company's profitability.

ERP Security Program Standup: A strong security program is the foundation of a secure ERP landscape. Leveraging experience gained in some of the largest ERP installations, Backbone can help in evaluating your current ERP security posture and provide assistance in building/acquiring and implementing the following:

•  Governance program over risk and compliance, leading to reduced risk exposure and cost effective compliance with regulatory agencies.

•  Methodology providing a basis for a consistent, repeatable and measurable processes.

•  Tools and skills necessary for efficient technical assessment of the ERP environment.

ERP Informational Technology General Controls (ITGC) Onboarding: Whether it is a single module or multiple, Backbone has a defined ERP ITGC Onboarding methodology that includes:

•  Assessment of the current state of an organization’s ERP ITGCs.

•  Gap analysis of current state with Control Objectives for Information and related Technologies (COBIT).

•  Detailed recommendations for remediation based on the organization’s risk appetite and desired maturity level.

ERP Segregation of Duties (SOD) Assessment: SODs are essential to any Enterprise Resource Management (ERM) system. Using a deliverable based approach, Backbone will assist in:

•  Identifying critical SOD risks in your ERP environment.

•  Determine what ERP functions and access make up the SOD risk.

•  Develop strategies and detailed steps to address and mitigate the SOD risks.

ERP Application Security Assessment: Using a wide range of off-the-shelf and custom built tools, Backbone can assess the security of your ERP Application. Assessing from the outside the perimeter for an external attacker’s perspective and from within for the insider’s view.

Backbone’s ERP Security Assessment service emphasizes your committment to securing your company's primary technology platform. Whether your organization utilizes SAP, Oracle, or any number of ERP platforms, out skilled consultants can assist in maturing your security posture. Backbone has a team of Certified Information Systems Security Professionals (CISSP) and Certified Information System Auditors (CISA) that are qualified and experienced in conducting ERP Security assessments.