![Pathlock CEO Piyush Pandey on Reshaping Application Access Governance: Insights from KuppingerCole Reports](/wp-content/uploads/2023/08/KC_Report_Piyush_insights-112x112.jpg")
![Pathlock Reshapes the Access Governance Market with a Series of Strategic Mergers](/wp-content/uploads/2022/05/MicrosoftTeams-image-7-112x112.png")
Global Manufacturer Streamlines Access Controls and Reduces Risk with Automated Governance Solutions.
A Complex, Distributed Access Challenge
As a global provider of systems and components for automotive and industrial markets, Cooper Standard operates across more than 20 countries and over 100 locations—many of which run SAP ERP or SAP Business Warehouse. This complex and distributed environment, along with an evolving application landscape, created challenges for managing user access at scale. Lead Systems Administrator Jessica Goldsmith was tasked with overseeing SAP user access and coordinating security across various non-SAP systems.
Recognizing the growing need for efficiency and control, Cooper Standard set out to automate and standardize its access management processes. With over 11,000 desktop users and more than 18 languages involved, the company required solutions that could unify access governance, meet compliance requirements, and adapt to future change. Following a comprehensive evaluation, Cooper Standard selected a suite of access management tools from Security Weaver to streamline operations, strengthen controls, and support its digital transformation.
Eliminating Manual Processes
Goldsmith explained that, prior to the automation effort, system administrators had to manually review incoming requests, route them for approval, and then provision access in SAP—each step consuming valuable time. “Systems administrators would first have to review all the access requests that came in before sending them on for approval,” she said. “Then, after each request was returned to us approved, we had to manually provision the access in the SAP system.”
Periodic access reviews were also inefficient. Cooper Standard relied on Microsoft SharePoint and email-based processes for generating reports, sharing them, and tracking responses. According to Goldsmith, “We wanted to simplify this process for users and make it easier to track.”
Prioritizing the User Experience
From the start, Cooper Standard’s leadership was clear: any solution had to benefit end users as much as administrators. “When going through any evaluation process, it’s important not just to focus on how to solve the problems for systems administrators, but rather to also make it easier for the users themselves,” said Bob Cross, Director of Information Technology. Senior VP and Chief Information and Procurement Officer Sue Kampe added that Cooper Standard’s decisions in IT are ultimately about supporting business performance, employee experience, and customer satisfaction—while maintaining strong security.
The automation capabilities and SAP integration offered by Security Weaver stood out. Goldsmith noted the flexibility of the solution, saying, “Now, when a request finishes and reaches approval, the system goes out and auto-creates the user and adds the access or removes the access — all automatically. And I, as an administrator, no longer have to manually manage it, which is a really big deal.”
Reducing Delays and Improving Scale
That shift had real operational impact. “Though our previous system had workflow, it lacked auto-provisioning capabilities,” said Satnam Hundgenn, Director of Global IT Audit. “Users can be assured now that, as soon as their requests are approved, they will have access. Otherwise, there could be a lot of waiting time, depending on the admin queues.”
Nate Miller, Senior Manager of Global Cyber Security, IT Compliance, and Network, saw the broader value as well: “At Cooper Standard, we understand the value of effective and efficient controls, so when we looked for a solution to give us the control and automation we needed, while improving the processes across various applications, Security Weaver was the right answer.”
A Collaborative Rollout
During implementation, Security Weaver took a partnership approach, embedding a professional on-site for several months to work alongside Cooper Standard’s team. “We actually had a Security Weaver professional sit in our office for several months, and he was basically my coworker for that time during the implementation,” Goldsmith said. That close collaboration led to tailored training, input on the product roadmap, and, in some cases, access to new features ahead of official releases.
This level of partnership from a solutions provider is appreciated by Cooper Standard and Goldsmith.
Tangible Business Impact
Cooper Standard deployed several Security Weaver solutions, including Separations Enforcer, Risk Visualizer, Emergency Repair, Transaction Archive, and others. With automation in place, Goldsmith’s team began processing roughly 700 SAP access requests per month without requiring administrative touchpoints on each one.
That efficiency allowed the team to take on projects that had long been deprioritized. “I have more free time to perform those sorts of tasks that administrators rarely have time for,” Goldsmith said. She led a role management initiative that eliminated more than 61,000 unused roles—roughly 80% of the previously assigned roles. That effort alone reduced access conflicts by 40%. “That level of reduction is just unbelievable and has compounding benefits,” she said. “For example, by doing that, I was able to remove 40% of conflicts across the board just by removing unused access.”
The impact extended beyond IT. “For every conflict we remove, we eliminate a risk control that had to be performed,” said Soma Venkat, Vice President of Information Technology. “We save hundreds of hours because our global controllers and management team now avoid performing many mitigations and sign-offs. It helps remove even more manual work as we move toward digitization.”
Sustaining Long-Term Efficiency
Those gains weren’t just a one-time improvement. Cooper Standard has since built access cleanup into its SAP rollout standard. Any unused roles are automatically flagged and removed 45 days post-go-live. “If they haven’t used it in the first 45 days, they probably aren’t going to use it,” Goldsmith said. Re-adding a role is a simple, low-friction process when needed.
The new processes have proved sustainable. The number of unused roles in the system remains nearly identical to the benchmark established immediately after the original cleanup. According to Goldsmith, the lean state of the system has held steady within a 2% margin—evidence that governance controls are working.
Stronger Controls, Less Friction
Controls enforcement has also improved. Cooper Standard now uses built-in functionality within Security Weaver to send monthly reminders and trigger actions such as required sign-offs or documentation uploads. “Doing this manually, it was hard to ensure that users were doing what they were supposed to be doing,” Goldsmith said. “Not only was it difficult for audit; it was difficult for the business.”
Building for the Future
With its access governance foundation in place, Cooper Standard continues to explore new capabilities to support broader digital transformation. As the company expands its use of SAP S/4HANA and other enterprise technologies, automation, visibility, and sustainable controls remain central to its strategy.
These solutions and related professional services will streamline processes, ensure the right risks are being addressed efficiently and at the right time, and will inevitably lead to even more business benefits for the IT staff, auditors, and most importantly, business users.
