We solve GRC for smaller SAP companies

Our entire business is focused on building GRC products to suit your team and your pocket. Because companies differ, we've developed three ways smaller SAP companies can affordably handle GRC, whatever their internal capability.

GDPR Compliance for SAP Organisations

A substantial amount has been written about GDPR and its likely legal implications for organisations. In this ebook, we’ve focused on a pragmatic, phased approach to GDPR compliance that SAP companies can implement immediately.

Download now

"Soterion has built its product suite from the ground up to make GRC less of a hassle for GRC practitioners, with intuitive features our users love."

Dudley Cartwright, Chief Executive Officer

What we offer

Software-as-a-Service

What is it?

Soterion's Compliance Cloud platform is a cloud-based, pay-as-you-go GRC Access Risk Tool.

Ideal for?

  • Highly cost-sensitive companies
  • Companies that require access risk assessments seldom or ad hoc. e.g. internal auditors
  • Companies with basic in-house GRC expertise

Benefits

  • Instant GRC access risk visibility
  • Easy-to-use
  • Business-friendly reporting
  • Extremely cost effective
  • Only pay when you use

Managed Service

What is it?

Combine 'on-tap' GRC expertise with Soterion's Compliance Cloud platform for a complete GRC solution. Delivered in collaboration with Soterion's Consulting Partner Network.

Ideal for?

Smaller companies who have a GRC requirement, but lack internal expertise.

Benefits

  • Instant GRC capability, including both tools and expertise
  • Give business hassle free, complete control of access risks via dependable GRC service
  • Significantly cheaper overall solution than employing in-house GRC expertise and purchasing GRC tool
  • Proactive GRC management

On-Premise Software

What is it?

Soterion for SAP is a size-sensible GRC software application, offering powerful, easy-to-use features for smaller SAP companies.

Ideal for?

  • Smaller companies that have a GRC requirement, and have internal expertise
  • Companies with IT policies requiring on-premise solutions

Benefits

  • Powerful, size-sensible GRC features for smaller businesses without complex, unnecessary functionality
  • Highly cost-effective on-premise GRC alternative
  • Intuitive and easy to use
  • Minimally invasive to infrastructure and SAP installation

What customers are saying

"The results derived from Soterion’s solution allowed our SAP security team to easily identify the roles and transactions contributing to the access risk in our system."

Basile Sepsakos – United Energy

"Soterion consulting was an absolute pleasure to work with. They not only have incredible knowledge in the SAP authorization and SAP GRC space, but their professionalism shone through throughout the project."

Peter Atkinson – Global Project Manager – Weir Minerals

"Soterion’s unique functionality of dynamic authorization management provided us with a new level of visibility into our SAP authorization solution. In addition, the simplicity and practicality of the software has allowed for a rapid reduction in segregation of duty risks, with minimal business interruption."

Cuan Kloppers – CIO – Samancor Chrome

"Soterion consulting were an absolute pleasure to work with. They not only have incredible knowledge in the SAP authorization and SAP GRC space, but their professionalism shone through throughout the project."

Peter Atkinson – Global Project Manager – Weir Minerals

"The results derived from Soterion's solution allowed our SAP security team to easily identify the roles and transactions contributing to the access risk in our system."

Basile Sepsakos – United Energy

"We are still in the early stages of the rule set customisation project having only covered Order to Cash and Procure to Pay, but we have already realised numerous benefits and there is no doubt that this is going to be an immensely valuable exercise. Soterion’s SAP Risk consultants are a cut above anything we have seen both locally or internationally."

Craig Rankin – Financial Manager – St Gobain (South Africa)

"Our primary object was to find an SAP access risk tool that matched our GRC capability, but that also allowed room for growth as our GRC maturity improves. Soterion not only ticked all these boxes, but their GRC Maturity Model will ensure our GRC Maturity is fast tracked"

Hennie Steenberg – CIO – Cashbuild

"Soterion’s clean-up exercise allowed us to reduce our segregation of duties count by 98% without any impact on business."

Basile Sepsakos – United Energy

"Soterion has some powerful functionality. We were able to reduce our risk by 80% within two months with no disruption to the business."

James Mason – Group IT Manager – Italtile Ceramics

"We needed to be able to view our SAP access risk exposure on a regular basis, but could not justify an on-premise solution. Soterion’s SaaS option allows us to acquire insights as frequently as we need them with minimal initial setup, on a payment basis that is under our control and just makes so much sense."

Richard van Huyssteen – Director: Systems Division ICTS – University of Cape Town

"The GRC process is a journey... Identify a partner such as Soterion, who understands your business requirements and can walk the journey with you."

Jacolien Slabbert – TSB Sugar

"We have achieved Full System Reliance from our external auditors for the first time in three years, thanks to Soterion’s SOD risk rule set."

Cuan Kloppers – CIO – Samancor Chrome

"Where the SAP authorization outsourcing model is simply order taking, GRC as a managed service involves proactive risk management by the service provider. A much more value-add service."

David Johnson – Senior Manager – Financial Services

Ready to take your GRC to the next level?

FIND OUT MORE