ERP implementation risks

Lower risk and reduce the cost of compliance

A proven methodology to manage risk and improve security and controls ROI when implementing your ERP system

Implementing or upgrading a new enterprise resource planning (ERP) system or large customized software implementation is laden with potential pitfalls as these platforms affect nearly all primary operations of your organization. Many times, we see companies go live without knowing if all business requirements were met. Sometimes companies don’t know if their new ERP system will meet global regulatory requirements. Sometimes data migration or security access issues create business operation problems at go-live. Often companies find they are overpaying for security licenses because their application security was not appropriately customized to meet organizational needs.

RSM US LLP can help you avoid these pitfalls. Our implementation risk professionals have decades of experience managing program risk; designing regulatory compliant security that also reduces user license costs; managing automated control enablement within various ERPs and applications; and enabling emerging technologies or ERP governance, risk and compliance (GRC) technologies during implementations. Our proven methodology focuses on the risk of key program success factors and is designed to help you realize the full return on your investment.

Our team has deep experience with large custom software implementations, as well as in risk, security and controls with a variety of leading ERP solutions including:

  • SAP
  • Oracle
  • Microsoft Dynamics 
  • NetSuite
  • Workday

RSM not only has deep experience in the configuration of these ERPs with regard to security and automated controls design, but we can also provide risk oversight during your ERP implementation. Whether you need program risk oversight, or an independent verification and validation (IV&V) or the U.S. Food and Drug Administration (FDA) computer system validation (CSV), our knowledge, experience and flexible methodology and approach help us craft a solution tailored to your unique circumstances.

We help you evaluate all strategic options, being especially mindful of the selected system integrator and type of regulations applicable to your business environment, including Sarbanes-Oxley Act, FDA, General Data Protection Regulation (GDPR) and other global regulations, data privacy concerns and tax structures. We also evaluate your internal organizational structure and culture regarding its adaptability to change, the bandwidth of internal employees and other critical companywide initiatives.

For software being implemented in FDA-regulated industries, our FDA CSV services assess your system for software verification and validation and process validation, to meet FDA CSV requirements from installation qualification (IQ), to operational qualification (OQ) and performance qualification (PQ).


RSM’s ERP implementation risk service team’s capabilities:

RSM’s IV&V assessment methodology is based on the Institute of Electrical and Electronics Engineers (IEEE) standards for software verification and validation, but is enhanced with several frameworks including ISO2700, PMBOK/PMP, COBIT5, ITILv3, PROSCI, COSI, SOX, NIST, PCI and HIPAA. Our IV&V approach determines if the software, hardware, documentation and user requirements have been designed completely, accurately and consistently.

Our methodology is flexible to align with any ERP and any industry, with any type of project methodology (i.e., agile, waterfall or hybrid), upon which we then bring in ERP subject matter professionals when a deeper understanding of system functionality and options is needed. Our methodology is flexible; we work with many customers to customize our IV&V assessments to contain the specific areas of high risk that our customers would like us to focus on.

Additional insights

 Line Illustration of gears
Recorded webinar
Best practices for global implementation of a NetSuite ERP system
Join RSM US LLP’s webcast to learn how to effectively implement NetSuite for your global business.
e-book
Managing third-party risks across your life sciences business
Life sciences companies: Learn the importance of anticipating and managing key risks when working with third parties.
Article
Optimizing your ERP implementation: Understanding 7 key risk areas
Learn about how you can mitigate ERP project risks that can create vulnerabilities, cause regulatory concerns and derail an implementation.

Additional solutions to achieve your organization’s goals

Netsuite icon
NetSuite industry solutions
Oracle risk advisory capabilities
security lock
SAP risk advisory capabilities

Contact our risk professionals

Complete this form and an RSM representative will be in touch shortly

RSM Catamaran

RSM’s suite of integrated, outsourced solutions has the power to transform and strategically evolve your finance, IT, risk and HR functions for the future. Through RSM Catamaran, we add value without adding overhead costs, by giving you access to a deep knowledge base and cutting-edge technology.

Subscribe to Risk Bulletin

Our cybersecurity, risk and fraud professionals provide regular insights and regulatory compliance updates to help your organization manage risk. 

"