ERP Risk Advisory

When it comes to ERP security controls, experience matters.

Vulnerabilities exist in all enterprise resource planning (ERP) systems because out of the box, these systems don’t come with the controls enabled that regulators, management and internal auditors demand.

It takes years of experience to identify and design optimal ERP controls, develop efficient ways to test them and remediate ERP control failures. Staying on the “cutting edge” of ERP security controls is difficult. Rather than continually training your staff and using their time to perform ERP risk assessments, it makes sense to partner with experienced professionals who do this work every day. That gives your employees the freedom to work on higher-value projects.

RSM’s consultants have extensive knowledge of ERP systems, including:

  • SAP
  • Oracle
  • PeopleSoft
  • JDE
  • Microsoft Dynamics
  • NetSuite
  • Epicor, and more

GRC tools and controls

Our professionals can also help you with governance, risk and compliance (GRC) tools, including GRC tool selection, rule-set implementations, assessments, and designing GRC programs that maximize your GRC tool investment.

When it comes to ERP security controls, one size does not fit all. Our ERP risk advisory team uses RSM’s proven ERP methodology and automated assessment tools, based on industry-leading practices, and customizes our services to meet your needs.

Whether you need help designing controls during an ERP implementation, performing an ERP security assessment, establishing ongoing ERP controls monitoring or anything in between, RSM can help.

RSM’s consulting services for ERP systems include:

You’ve made a significant investment in your ERP system. When it comes to risk prevention, turn to an advisor you can trust―someone who understands compliance, your ERP system and your needs.

Recent Insights


Top 10 SAP audit and security risks

With hackers increasingly targeting ERP system vulnerabilities, companies must know and address potential risks to their SAP systems.

  • Luke Leaon


Optimizing your ERP implementation: Understanding 7 key risk areas

Learn about how you can mitigate ERP project risks that can create vulnerabilities, cause regulatory concerns and derail an implementation.

  • Kari Sklenka-Gordon
  • |
  • April 17, 2017


As SOX costs persist, companies automate more controls

More companies are automating internal controls. Learn more as industry professionals offer insight into the reasoning behind the trend.

  • Kari Sklenka-Gordon
  • |
  • January 24, 2017


Effectively performing SoD and sensitive access assessments for ERPs

Performing automated SoD assessments with GRC tools can help you better manage ERP risks and fraud amid a stronger regulatory environment.

  • Kari Sklenka-Gordon
  • |
  • December 06, 2016


Minimizing fraud exposure with ERP segregation of duties controls

Companies must understand segregation of duties control risks that can result in fraud, and more effort and investment following ERP implementation.

  • Luke Leaon
  • |
  • January 19, 2016

How can we help you?

Contact us by phone 800.274.3978 or
submit your questions, comments, or proposal requests.

Rapid Assessment®

Watch our Rapid Assessment video to learn more about this "quick-hit" diagnostic of your critical areas of operations.




2019 economic and risk outlook

  • January 22, 2019


Health care industry 2018 fall webcast series

  • November 15, 2018


Cloud risk and compliance

  • November 07, 2018


Auditor Assistant Webcast: Creating efficiency for Internal Audit

  • October 30, 2018


Data privacy: Finding opportunity in the new regulations

  • October 17, 2018