Today's enterprise application landscape is a hodgepodge of varied third-party applications, on-premise and software as a service (SaaS) and integrations. Challenges abound when configuring internal controls end-to-end in a transaction lifecycle. After completing this session, the participant would be able to:_x000D_ _x000D_ 1. Discuss the concept of a 'hack' and the implications it has for IT compliance, security, performance and maturity._x000D_ _x000D_ 2. Identify key business transactions from cradle to grave across multiple application as well as varying levels of maturity of varied applications, whether on-premise or in the cloud, with accompanying support and change management processes._x000D_ _x000D_ 3. Identify toxic pairs both within a single application or across two or more applications and propose compensating controls including how the shortfall of one application can be offset by the value proposition of another._x000D_ _x000D_ 4. Recommend quick wins or 'hacks' to secure configuration and change controls that are specific to the application(s) at hand as well as medium or longer term solutions laid out in a strategic application maturity roadmap._x000D_ _x000D_ Faced with constraints on time and resources to foster compliance on the one hand, as well as demands on greater tailoring and enhancements to meet changing business requirements on the other, enterprises need to be mindful in their allocation of resources to both tactical and strategic initiatives. This session reviews the fine balance that needs to be achieved between quick wins or 'hacks' to evidence controls leveraging in part the configurational ease that comes with software as a service (SaaS), as well as the longer term foundational work that nevertheless needs to be performed over time to secure real process improvements over the long run.