Smart Audit enhances Workday compliance and streamlines audit process for global tech corporation

Home · Insights · Success Stories · Smart Audit enhances Workday compliance and streamlines audit process for global tech corporation
Date posted
16 August 2023
Reading time
5 minutes
The goals
image
Ensure
compliance with global regulations
image
Comply
with organisation's internal policies
Icon featuring three people
Manage
audit process with team of three
The results
image
Surprising
auditors with high levels of efficiency
image
Major
reduction in identity and data access errors
image
Increased
automation to reduce manual and repetitive tasks

In our organisation, we not only have to make sure we meet the rules of external global regulations, but also our internal policies. Smart Audit ensures we remain compliant in both. When our auditors identify issues, we can tell them that we already have good controls around the problem. We showed them the results of our work with Smart Audit – they were very happy and surprised that we have such good visibility and actionable insight.

Workday Technical Owner & Controls Lead

About the organisation

A global technology and consulting corporation that offers a wide range of products and services. With a rich history spanning over a century, the organisation is known for its innovation and expertise in advanced technologies, including artificial intelligence, cloud computing, analytics, blockchain and quantum computing. The organisation has annual revenues in excess of $60bn and employs a quarter of a million staff worldwide. 

Managing a major auditing challenge

Workday has been a staple of the tech corporation's internal business and financial operations for years and has become the organisation’s master HR management system, holding sensitive information on employees. Given the size of the employee base at the firm, there’s huge pressure to ensure the right policies and processes are in place to mitigate compliance and security and privacy risk.

However, putting the right controls in place for access to employee data in Workday is only half the battle. Highly regulated and complex multinationals like this organisation also have a significant audit burden to manage. The organisation originally didn’t have the tools to streamline this essential but cumbersome process.

“We desperately needed a tool that would help us to automate audit checks and run reports. But we also needed the ability to quickly digest this data so we could address controls, such as who has access to what data and how accesses are changing,” explains the Workday Technical Owner & Controls Lead.

image

Looking for speed, efficiency and automation

Workday is a financially significant application for the tech company, containing highly regulated data such as personally identifiable information (PII) on employees. There are strict internal regulations around such data to comply with, as well as external audits. These checks can be seen in the context of a growing patchwork of regulations around the world. First came 2018’s EU General Data Protection Regulation (GDPR), which places strict controls on how customer and employee data should be handled and secured. Followed by a domino chain of similar laws across the globe, in parts of the US, Brazil, China and elsewhere.

With this mosaic of regulations in mind, it was vital that the organisation ensured data was accessed on a strict need-to-know basis. The complexity of managing these access rights across multiple jurisdictions is intensified by the fact that employees might change roles, and then require access to a different set of data. This was made doubly challenging because the team managing access had only three members.

“It’s just me and two other colleagues in the audit team. So, speed and efficiency were key for us, but manually running audits and doing checks is repetitive, boring and slow. We wanted to be able to really focus on the results of the audits and drill down into those risky areas,” says the Workday Technical Owner & Controls Lead.

Teaming up for long-term success

The tech giant has been a Kainos partner for many years, starting its engagement with a deployment of Smart Test, another product in the Kainos Smart suite. The organisation was so impressed by its quality and its impact on the business that it also adopted Smart Audit.

“The first go-live with Workday was in 2017 and my former colleagues partnered with Kainos to get things started and configured with Smart Test. We’ve been strong partners with Kainos right from the beginning of our Workday journey, so expanding that relationship into the audit function was a natural move,” says the Workday Technical Owner & Controls Lead.

image

Kainos drives clarity, simplicity and accuracy

This long-term partnership has had an extremely positive impact on the Workday Technical Owner & Controls Lead and his team, enhancing their productivity whilst mitigating compliance and reputational risk for the global tech corporation. Smart Audit works automatically in the background at scheduled times every day, generating reports for the Workday Controls Lead and his team to check and flag items for further inspection. This has delivered huge improvements in the speed and efficiency of the team, freeing them up to work on higher value business-related work.

“Kainos is extremely customer focused. We are very happy with the support we receive from the team and the speed of delivery Kainos provides with its solutions. We trust that Kainos solve issues for us when they arise and we can continue to focus on other high-priority tasks,” adds the Workday Technical Owner & Controls Lead.

The user experience is made seamless thanks to a highly intuitive UI that makes it easy for the team to navigate and act as required. The result has been to turn a time-consuming manual process that generated difficult-to-digest reports into a user-friendly, streamlined workflow.

Kainos Smart Audit also enabled the team to remediate historic issues which had given unauthorised users access to certain data, as well potential segregation of duties risks. This further supports efforts to better manage potential regulatory and reputational risk.

The partnership continues to flourish, with Kainos responding rapidly to requests from the tech giant for new checks and controls - such as a check on proxy access usage which are rolled out to good effect. The impact has been significant, not only enhancing and streamlining the Workday audit process for the corporation, but even surprising its auditors.

“In our organisation, we not only have to make sure we meet the rules of external global regulations, but also our internal policies. Smart Audit ensures we remain compliant in both. When our auditors do identify issues, we can tell them that we already have good controls around the problem. We showed them the results of our work with Smart Audit – they were very happy and surprised that we have such good visibility and actionable insight,” says the Workday Technical Owner & Controls Lead.

image

Smart Audit keeps tech giant top of its game

Smart Audit gives the global tech organisation peace of mind that it has the right controls in place to mitigate compliance and reputational risk in Workday. The insight it generates ensures the Workday Technical Owner & Controls Lead and his team can react fast to any changes in the environment, and remain confident they’re on top of everything.

“We have a much better overview of what is happening today,” he concludes. “When something happens, Smart Audit detects it and reports it for us. So, we’re always on top of our game.”

Are you interested in learning how Smart Audit can help provide you with a proactive security monitoring approach for Workday?

Book a demo