Click picture to enlarge


GRC, security and authorization management

Business challenges

Management of information security becomes more and more critical because of increasing regulatory requirements. A key to ensuring adequate information security is the design, implementation and ongoing operation of the authorization concept in SAP.

Management and continuous monitoring of authorizations can be carried out in SAP directly or with a tool-based approach.

What Phenix Consulting offers on GRC, security and authorization management

We address information security by combining our extensive audit experience with our technical excellence in setting up authorization functionality in SAP. We provide our own tools to quickly assess the quality of security and authorizations in your SAP system Because we know the market so well we can assist our client finding the right approach and tool to ensure sustainable compliance.

Internal Audit optimization

Business challenges

Internal Audit has to contribute added value in realizing business objectives and support performance improvements initiatives proactively. Both risk & control evaluation and data analytics are competencies needed to realize these objectives and must be closely aligned for an effective implementation. Data analytics can be used to establish process improvement within and beyond Internal Audit (e.g. contribute value to planning).

What Phenix Consulting offers on Internal Audit Optimization

Phenix Consulting developed a methodology and toolkit to implement the necessary changes that support Internal Audit in:

  • Performing controls testing and risk assessment on a frequent basis (near real-time) and in as automated a manner as possible
  • Identifying risk areas before they have an impact on the business. This will support the perception by the business that internal audit is being proactive in identifying risks and improvement opportunities
  • Transferring knowledge to business units to support overall optimization

Financial Audit optimization

Business challenges

The challenge for financial audit is to deliver high(er) audit quality with fewer resources. Statistical sampling is a tool used by auditors to reduce their investigative effort whilst providing sufficient evidence to identify audit issues and to justify their findings.

Statistical sampling also provides a sound base for the identification of risks and therefore optimizes prioritization of audit work streams. If a sample contains errors, a quantifiable result in terms of precision and reliability can be quickly obtained.

One advantage of statistical sampling is that expected and non- expected errors can be identified.

What Phenix Consulting has to offer on financial audit optimization

Phenix Consulting provides training to audit firms on the proper application of sampling methods and techniques to obtain efficiencies in the audit execution and will act as subject matter experts and provide advice and recommendations in (complex) questions around statistical auditing.


Ferry Geertman or Guido Czampiel

Take aways 

  • Set up a project charter that will take effect preferable during feasibility but ultimately during design
  • Write a business case and problem statement
  • Define scope of the project
  • Define objectives and goals of the project
  • Involve stakeholders and define priorities
  • Set measurable milestones
  • Ensure that the right sponsors provide buy-in.
  • Identify (project) risks and how to manage them
  • Jointly validate and refine the project plan and develop a roadmap to success
  • Hold regular meeting to track progress of the various work streams

We combine technical knowledge with industry understanding and knowhow of technologically advanced tools and methodologies available in the market or developed by ourselves.

  • Focus on business processes that could be improved
  • Perform As-Is assessment
  • Anticipate future changes
  • Define scope and actions for short, mid and long term
  • Write business case for change
  • Realize sponsorship for implementation


Technology-related risk: understand and address the potential harms and benefits of (new) technology.

Privacy is high on the priority list of organizations nowadays, not only because of the more stringent laws and regulations, but also because of the significant impact financially and on a company’s reputation in the market and competitive position especially if complying with regulations is a competitive advantage.

We understand the language of the business as well as IT.