John Harrison Managing Director John is a Managing Director and leads Protiviti’s enterprise application solutions, helping companies optimize their investment and performance in business applications. This includes delivery of implementation best practices, automation, and governance of ERP and other cloud applications. He has been involved in various capacities in many ERP implementations throughout his career, with additional projects to enhance existing systems. Representative Engagements IncludeSAP Controls and GRC – Directed project to evaluate and enhance the segregation of duties (SoD) and security associated with a new SAP deployment at an exploration and production company. Further oversaw the implementation of SAP’s GRC Access Control tools to streamline and manage ongoing security mattersOracle Controls and GRC – Directed the controls integration work for an Oracle R12 implementation at a energy company by assisting the project team with input towards optimal configurable control design. This project also included the design and build of security responsibilities with proper access and segregation of duties controls within the security model Further, implemented Oracle’s GRC Access Governor to provide ongoing monitoring and controlSAP Implementation – Assisted drilling start-up in the selection of a systems integrator for a new SAP implementation and directed the client side effort to monitor project timeline, coordinate requirement and design input, perform integration and user acceptance testing, coordinate training and deployment, and arrange for hosting and post-go live support. Additionally, consulted on controls and GRCSAP HR/Payroll Security Implementation – Directed an initial review of SAP security which identified issues and risks particularly within the HR/Payroll. This prompted a complete re-implementation of HR/Payroll starting with requirements gathering and architecture design, and proceeding through detailed design, build, testing, and deploymentSoftware Strategy and Selection – Directed a project at an manufacturing firm to establish the application strategy going forward including a Phase I to gather requirements and select software to close gaps including RFPs, demos and scorecarding; a Phase II to consult on the implementation roadmap and project plan, and a Phase III to run a project management office for the pilot and rollout, with focus on status, resources, risks, and communication with stakeholdersEducationBBA, Management Information Systems, University of HoustonProfessional Memberships & CertificationsCertified Information Systems Auditor (CISA)/ISACACertified Internal Auditor (CIA)/IIA
