Likelihood to Recommend Onapsis is divided into 4 major components,
Assess Comply Defend Control In assess, it does a whitebox and blackbox testing of the ERP systems that have been added to the Onapsis console. It highlights relevant application issues and automates the process, also provides the solutions to implement the fix. In comply, it provides a governance on the various regulatory compliances which the firm has to follow, as well as provides a firm grip to the audit and ERP admin team. In control, it enables a workflow of 15 pre-defined parameter values within the SAP system and helps monitor, and track the changes made to those parameters. The capabilities are to either block, or request for an approval for changes made to those parameters in addition to just monitoring them. In defend, it goes through the SAP logs; and compares it with a pre-defined ruleset to alert the end-users via email or SIEM tool or both.
Read full review In my opinion, SAP Process Control is well suited for bigger companies with an already mature Internal Control System as well as for bigger companies who want to completely new/redesign the internal control system. The size of the company, as well as the budget, is quite important when thinking about the implementation of SAP Process Control. A smaller company with e.g., 150 people should think more about implementing SAP FCM.
Read full review Pros Eliminating the manual process improves the overall accuracy of results and also frees up valuable resources to focus on other different projects. Onapsis provides great leverage to our technical teams in order to review in a standardized way of the landscape. Onapsis always matches vulnerabilities with useful context and finds possible solutions. Onapsis is usually implemented to continuously monitor, and alert us on any issues on the SAP systems. Not only this but implementing Onapsis also eliminates the network on the year-end and month-end audits and helps in making the overall process faster, smooth, efficient as well as accurate. Read full review Native connection to SAP applications Automated monitoring process of SAP applications Workflow capabilities for control testing Read full review Cons Multiple UIs No proper customization of UI log-off Tedious setup of Control component No proper error messages received Read full review Default delivery of controls could be done by SAP on some basic controls like client openings, password controls, etc The messaging or customization of messages in different workflows is limited, which could be introduced to enhance the product SAP Process control does not have the capability for cloud product monitoring which is required with more SAP cloud products available right now Read full review Alternatives Considered Honestly, I havent use something like Onapsis before and currently I am not aware if there is something similiar out there. They are one of a kind and is a complete suit, so is unlikelly that someone from outside will appear with a better solution.
Read full review The connectivity with other SAP products out of the SAP GRC suite, like Access Control and so on, was key for the decision. Also we had an already mature SAP System landscape as well as having internal processes that were similar to the SAP Process Control standard processes helped us with the decision to implement SAP Process Control.
Read full review Return on Investment It offers very reasonable packages. The customer support of Onapsis is reliable and efficient. It is a great platform as it shows a unified and easy-to-read different and complex topics in a simpler way. Read full review Automated alerts for controls issues Workflow capabilities; however, there's natively only 2 levels of review. More layers would be beneficial. Read full review ScreenShots