[Customer Story] How ProfileTailor GRC Helped Global Shipping Leader, ZIM, Streamline Segregation Of Duties And Authorizations in SAP

Esha Panda - August 31, 2021

ZIM Integrated Shipping Services Ltd., commonly known as ZIM, is a publicly held Israeli global container liner shipping company. The company operates over 100 management systems spread across the company’s global offices. Each system has multiple users running numerous applications, all consisting of different authorization systems. This scattered approach eventually led to siloed teams operating with their own rulesets and segregation of duties (SoD) policies, which stood in the way of effective internal audits within stipulated timelines.

The decentralized teams at ZIM needed a comprehensive GRC solution to streamline SoD, standardize context-aware controls, and customize authorization management solutions for their different locations without impeding productivity. Specifically, they needed a system that would:

Control authorizations in a multi-regional, multi-system environment
Manage authorization related processes effectively on all systems worldwide
Comply with SoD in a complex environment
Monitor activity in production systems

So the company turned to Pathlock Security’s ProfileTailor GRC solution to improve their global, multi-system authorization layout and improve GRC compliance.

ZIM’s Transformation From Siloed To Centralized

ZIM’s transformation from siloed to centralized did not happen overnight. It was a large-scale, global roll-out with multiple milestones that Pathlock played an integral part in.

Centralizing Control & Visibility Over Global Authorizations: ZIM now has centralized control over global authorizations in their complex multi-system environment with Pathlock’s ProfileTailor GRC Solution. Additionally, they have generated Employee Cards consisting of authorizations on all applications from a single point of view. This is providing visibility to relevant managers in every location.

Identifying SoD Violations: ZIM’s BMC Remedy IT Management System seamlessly integrated with Pathlock’s solution in the next phase. As a result, ZIM can now stop potential SoD violations in their tracks at the early stage of requesting authorizations, helping their teams streamline Segregation of Duties and stay compliant in the long run.

Automating & Customizing Authorization Review Process: With their authorization request policies cleaned up, unified, and customized for each location, ZIM is now operating with an automated authorization review process without disrupting the workflow. They are also able to save overhead expenses and have become audit-ready.

The Last Mile – Standardizing Contextual Access Controls: Presently, ZIM is equipped to control the access of the IT teams into production systems. With Pathlock’s ProfileTailor GRC, they can now continuously monitor users in the production environment and allocate temporary roles for specific tasks.

Their teams can standardize every process in terms of access, authorizations, and policies while allowing exceptions (e.g., specific data privacy regulations) based on locations.

Streamline, Standardize, Customize: Pathlock’s Framework Could Benefit You Too

Through a series of successful implementations with the help of Pathlock Security, ZIM is now –

Streamlining Segregation of Duties
Standardizing context-aware controls
Customizing for each region without workflow disruption

If your organization is working with siloed teams engaged in manual audits and approval processes, Pathlock’s ProfileTailor GRC Suite is your one-stop solution to gain better control over access risks, SoD, compliance, and audit. It can be used as a stand-alone solution for streamlining, managing, and enforcing SoD or as part of a suite of compliance products.

ProfileTailor GRC is compatible with all leading ERP applications, including SAP, Oracle E-Business Suite, Oracle PeopleSoft, Microsoft Dynamics, and more. Best yet, it can be implemented rapidly and will not require any changes to monitored systems.