Founded in 1996, HRA Pharma is a pharmaceutical company that develops and manufactures innovative treatments women’s health and endocrinology. It was expecially notably known as the pioneer on the morning-after pill. Today HRA is diversifying by adding Compeed dressings to its range. Based in France, the company has several subsidiaries in Europe, Hong Kong and the United States.
HRA Pharma is now embarking on a new challenge: strengthening the security of its information system while upgrading their JD Edwards ERP to the new version 9.2.
Regarding security, Oracle recommends having a closed system, which, unlike the open system, prohibits by default access to applications for all roles, offering a better level of security.
After an accounting and financial audit, the pharmaceutical company’s auditors then drew the attention of the Security Manager to the good practices and the interest of implementing closed security. To meet their request, Julien Krieg, Application System Manager at HRA Pharma, turned to b.workshop’s expertise. “We had the Upgrade 9.2 project, and since b.workshop was aware of the auditors questions, they gave us a presentation of AllOut. We then decided to integrate it into the Upgrade”.
To carry out this security project, three AllOut modules have been selected for HRA Pharma :
The implementation of the security project was carried out in several stages:
We asked Julien Krieg, Application System Manager at HRA Pharma, to give us feedback on current projects:
What were the problems encountered during the project?
No, we didn’t really encounter any. b.workshop had explained the different stages to us very well, and I was expecting a lot more. We have completed the first delivery of version 9.2 as well as our first tests. We had to make some security corrections, but overall it’s going well.
How is the recipe going?
It is in progress but from a security point of view everything is going well. Even if there are errors, we know how to correct them and we control the process. We identify the problem, b.workshop comes up with solutions and then we arbitrate. I was expecting to have to redesign HRA processes to adapt on new security rules, because security redesign sometimes means reviewing accesses, but we haven’t come across that yet.
What do you think of b.workshop’s expertise on Allout?
Amin, the project’s security manager, is in charge of this subject. He is very professional and is one step ahead every time we ask him questions. For example, when we submit a security problem to him he will go up to the next level by making an analysis of the other roles that may be affected, I am very confident with him. We feel that he knows his subject and that with him it will go well.
At the end of the project, our TPM (Third Party Maintenance) team has all the necessary skills (functional and technical) in order to accompany each customer on his solution. After the post-start support, the TPM will take over from Amin on the assistance and the increase in competence of HRA Pharma on AllOut, as it has been doing for JD Edwards and BI Publisher since 2016.
