Risk management tool


Keep control of your risks and meet the expectations of your auditors in terms of security.

Define and implement a risk matrix and have a powerful risk management tool.

Reduce your risks and prove that you put them fully under control.

Matrice des risques SWAWE

Risk Matrix

SWAWE incorporates a matrix proposal that will be easy to customize according to your wishes. It can easily be used at implementation of SWAWE and then improved over time.
Granularity level of the analysis guarantees the reliability of the result and quickly delivers the information you need to make the right decisions
Tracking and monitoring your risks becomes simple and effective.

Risk Management Tool: Remediation Methodology

Our approach not only reduces risks as much as possible (on average, more than 60% observed after a redesign of roles and users), but also proves at any time that residual risks are under control.
The library of customizable and adaptable to our clients' management processes mitigating controls ensures that each of the critical risks or SoD is perfectly framed by procedures and periodic controls.

Outil de gestion de risques : Méthodologie de rémédiation
SWAWE_ADOVA_Retrait des risques Mensuels Utilisateurs
SWAWE_RISK Simulation result

Main benefits of a risk management tool

Understanding risks

The graphical representation of the SoD matrix in the form of a tree structure makes it possible to group risks by business process allowing a better understanding of the typology of these risks. (Risk grouping by P2P process – Procure To Pay, OTC – Order To Cash, project management ...)

Drastic risk reduction

SWAWE Risk highlights risks on actions/transactions that are not used, thus facilitating the rights remediation phase. On average, 70% of risks are eliminated after a role review project with SWAWE Risk.

Control of residual risks

Once the risks have been minimized, the residual risks must then be controlled. A library of Mitigating controls and reports can be set up in SWAWE to ensure that each of the Critical Accesses or SOD risks is compensated by control procedures.

Main features of SWAWE RISK,
risk management tool:

Customizable risk matrix

The SWAWE RISK risk management tool integrates a standard matrix proposal that can be easily customized according to the company's specificities. (SAP specific transactions in Zxxx or Yxxx to be included in the risk matrix)

Impact simulation engine

Before performing the action of assigning rights to a user, it is possible to simulate via SWAWE RISK a SoD analysis to understand its impacts. This becomes a decision-making tool based on the SoD results obtained by simulation.

Granularity of analysis

To avoid reporting many unproven SoD risks ('false positives'), the composition of the actions within the risks must be as detailed as possible. To rachieve this, our SoD matrix proposal is based on permission objects that are the finest elements at the permission level.

Reports and dashboards

Depending on the needs, SoD analyses can be represented in various forms. Indeed, for a authorization administrator, it will be useful to have a detailed list of users with the associated risks, the impacted transactions and their uses whereas for a financial controller, it will be more synthetic graphs in the form of histograms, pie charts allowing him to quickly make decisions on the actions to be implemented in terms of SoD ...

Reliability and speed

SWAWE performs real-time reading of permission-related information in SAP. The information is therefore always up-to-date and reliable. In addition, SWAWE makes it possible to reprocess this information quickly to have a synthetic vision in the form of reports, graphs or dashboards.