As Jabil’s global SAP landscape expanded, the company faced a pressing need to modernize access governance and transform SOX compliance from reactive to strategic. With millions of SAP transactions occurring daily, identifying true segregation of duties (SoD) violations through manual, consultant-driven processes became costly and unsustainable. Jabil replaced this approach by automating transaction-based SoD monitoring and quantifying access risk to isolate real exceptions from theoretical violations. In this session, Susan Zortea, Jabil’s Global Governance Lead, will share real-world insights into how Jabil migrated to a cloud-based Continuous Controls Monitoring (CCM) platform to strengthen governance, improve compliance, and drive operational efficiency.

In this session, you will learn how to:

• Automate Transaction-Based Monitorin: Replace manual, sample-based audits with Continuous Controls Monitoring (CCM) to analyze 100% of SAP transactions in real-time.

• Isolate Actual Risk: Use data-driven insights to distinguish between "theoretical" access risks and "real-world" violations to focus remediation on verified threats.

• Quantify Financial Exposure: Transition from qualitative risk labels to quantifying the financial impact of access violations to prioritize high-value governance gaps.