COMPANY:   Freeport-McMoRan Copper & Gold
INDUSTRY:   Mining
NUMBER OF EMPLOYEES:   35,000
CUSTOMER WEBSITE:   http://fcx.com
 
OVERVIEW:
Headquartered in Phoenix, Arizona - Freeport-McMoRan Inc. (FMCG) is a natural resource company with an industry leading global portfolio of mineral assets and is one of the world's largest producers of copper, gold, molybdenum, cobalt, oil and gas.  With ongoing operations in North and South America, Africa, Indonesia, and Europe, Freeport-McMoRan’s global workforce includes approximately 35,000 employees.
 
THE CHALLENGE:
The results of a poorly executed SAP security design process are many: unauthorized access, increased potential for fraud, inefficient access provisioning for end users, and numerous audit issues. All too frequently, companies that have not proactively identified and addressed potential security issues face expensive and challenging redesign projects within one to two years of the initial SAP rollout.

This also applies to organizations that have integrated systems due to mergers or acquisitions or otherwise performed SAP integrations without an overall SAP security strategy. The pitfalls of a bad security design not only include frequent projects to mitigate security exposures, but also loss of productivity due to delays in granting access.

Sage Solutions Consulting Inc. (Sage) was engaged to assist Freeport-Mc MorRan to assess a SAP Financials security design that no longer suited their needs. If not remediated, their existing design would have caused significant complications and delays in addressing simple requests from their sites across North America. In addition, timelines for access requests, new user provisioning, production break/fix, and audit remediation would become untenable and could adversely affect Freeport-McMoRan's bottom line.
 
THE SOLUTION:
Sage Solutions Consulting Inc. intimately understands that designing, configuring and implementing SAP security is a complex and resource-intensive endeavour. Sage Solutions Consulting provides SAP Access Control and SAP Security guidance and implementation support to ensure organizations better understand and manage risks around their enterprise resource planning (ERP) and supporting systems. Our consultants help identify and effectively manage security and application access risks across the organization’s enterprise architecture.

Sage therefore recommended a redesign of existing roles as an economical way forward without adversely impacting existing business functionalities. Sage’s goal for Freeport-McMoRan was a scalable ‘intelligent’ design that would be transparent to production users, would satisfy financial audit requirements, follow SAP and industry best practice, and allow accurate support estimates for resource requirements and project planning.

Over the next five months, Sage reduced the overall number of roles in Freeport-McMoRan’s financial environment from approximately 2,000 unique roles to a little over 300. Sage standardized the remaining roles, allowing for proper master and derived relationships that enabled mass maintenance for over three quarters of that total and enabled FMI to standardize their organization level restrictions across the rule set.
 
THE RESULTS:
The resulting design reduced the average number of roles assigned per user from 27 to 3, allowing Freeport-McMoRan a clearer picture of the access levels of existing users and a better baseline for expansion and audit remediation. Sage prides itself on, not only meeting, but exceeding customer expectations. To this end, the entire engagement was completed on budget, three weeks ahead of schedule without any work stoppages or critical issues.
 
CUSTOMER TESTIMONIAL:
“Freeport-McMoRan engaged Sage Solutions Consulting to provide security support for our existing SAP implementation. Their unique expertise in best practice SAP security measures allowed us to extend additional functionality in our HR and ECC environments, and their extensive knowledge in the segregation of duties helped implement an auditing suite, Security Weaver that ensures we remain compliant with both internal and external audits and Sarbanes-Oxley requirements.  
 
Sage successfully performed all tasks while providing excellent support to both end-users and functional design teams.  Given the opportunity, Freeport-McMoRan would certainly engage their services again.” – Lauren Frank, PMO Director, Freeport-McMoRan

NOTE: This Case Study is intended to demonstrate both the breadth and scope of Sage Solutions Consulting’s level of engagement and competency.  For more information or if you have any questions please contact us directly.