zapAnalytics platform
What is zapAnalytics?
zapAnalytics is a software platform that analyzes SAP data for the purpose of compliance auditing. The objective is to identify control weaknesses in accounting and business processes or to make erroneous postings visible. The analyses are not performed directly on the productive SAP systems but on a data copy specifically provided for audit purposes.Data Protection and Responsibilities
A central concern when using zapAnalytics is the protection of personal data:- No Processing at zapliance
The analyses are not performed at the company zapliance. The data remains within the user company's IT environment. zapliance has no access to zapAnalytics without explicit technical and organizational authorization from the user company.
- Anonymized Evaluations
In all result presentations, SAP user names are anonymized. This means: No original user names appear in reports or evaluations. This ensures that no conclusions can be drawn about individual employees in reports or evaluations generated by zapAnalytics.
Content and Scope of the Analyses
zapAnalytics typically examines multiple company codes and fiscal years. The basis for this is so-called indicators (“audit questions”) that highlight unusual business transactions. The analyses are risk-based and pursue exclusively the following objectives:- Properness of accounting
- Efficiency of processes
- Process standardization
- Access security
Data Minimization and Data Access
zapAnalytics follows the principle of data minimization:- Only the data required for a specific analysis is loaded.
- The data is stored in a locally secured database that is fully under the company's control.
- zapliance has no access to this data at any time – this is technically and organizationally excluded.
Handling of Employee Data
zapAnalytics operates according to the principle of privacy by design:- Employee identifiers are anonymized by default.
- The method used is a non-reversible hashing procedure – the original SAP user names cannot be algorithmically reconstructed.
No Behavioral or Performance Monitoring
A key concern of the works council is the avoidance of monitoring individual employee behavior or performance. With zapAnalytics, this is excluded:- No evaluations of behavior or performance
Performance monitoring of individual employees or groups of employees is NOT part of the indicators. Indicators are predefined by zapliance.
- The analysis objectives of the indicators are exclusively:
- Properness of accounting
- Efficiency of processes
- Process standardization
- Access security
- Anonymization protects employees
Even if user identifiers play a role in an analysis, they are fully obfuscated by anonymization and cannot be traced back to individuals.
- No possibility to define custom indicators
zapAnalytics does not offer any functions that would allow the user company to develop and apply its own indicators.
What Data Does zapliance GmbH Receive?
The clear answer: None!- zapliance fundamentally does not receive access to company or employee data.
- Only for training or workshops may anonymized data be voluntarily exported and made available.
- Even in such exports, employee identifiers are fully anonymized.
Conclusion
zapAnalytics is a tool for improving compliance and process security within the company.- It protects employees through anonymization.
- It serves exclusively to optimize processes and avoid financial risks.
- It does not enable behavioral or performance monitoring.
Any questions?
Answers are available simply by email at support@zapliance.com or via our KnowledgeBase.