Capabilities
Everything we scan, everything you get.
Nine capabilities, hundreds of checks, one report. The same engine runs on every plan — the only differences are scope, branding, and support.
Platform capabilities
Consultant-Grade Advisory Reports
- What we scan
- Every single finding — across all nine categories — gets a fully pre-researched advisory layer. Owner team (who fixes it), verified hours estimate, step-by-step fix instructions, compliance frameworks at risk (SOX §404, GDPR Art. 5, ISO 27001, PCI-DSS), plain-English business risk statement, 1–10 priority weight, and the official source document. Plus a 4-section executive summary: Executive Verdict → Priority Risk Analysis → Remediation Roadmap → Disclaimers. Plus a standalone Board & CEO Briefing — plain-English narrative for leadership, auto-generated with every scan.
- What we find
- Owner team (who fixes it), verified hours estimate, step-by-step fix instructions, compliance frameworks at risk (SOX §404, GDPR Art. 5, ISO 27001, PCI-DSS), plain-English business risk statement, 1–10 priority weight, and the official source document.
- Business impact
- Sourced from official Workday, SAP, and Oracle documentation and Big 4 advisory frameworks — not AI-generated guesses. Other scanners hand you a list of issues. Yoetz hands you a remediation runbook your team can execute on Monday.
Security Group Analysis
- What we scan
- Every security group, ISU, role, and assignable permission.
- What we find
- Misconfigured permissions, unconstrained groups, ISU over-access, permission creep, dormant accounts.
- Business impact
- Closes the audit gap that gets flagged in every SOC 2 review.
Business Process Health
- What we scan
- Every business process definition, condition rule, and approval chain.
- What we find
- Stuck transactions, broken approval chains, zombie processes, missing exception paths.
- Business impact
- Eliminates the silent backlog of frozen transactions clogging the tenant.
Integration Status Monitor
- What we scan
- Every active and inactive integration, schedule, and credential.
- What we find
- Failing integrations, personal account ISUs, overdue runs, missing alert subscribers.
- Business impact
- Removes the single biggest cause of unplanned production incidents.
Calculated Field Audit
- What we scan
- Every calculated field across HCM, Compensation, Reporting, and Integrations.
- What we find
- Critical errors, deprecated references, unused fields, performance hotspots.
- Business impact
- Reduces report runtime and eliminates calc-based release breakage.
AI Readiness
- What we scan
- Job profile completeness, business process clarity, data quality, integration health, security model.
- What we find
- Exactly what is blocking each AI agent (Workday Illuminate, Joule, Oracle AI Agents) from being deployed.
- Business impact
- Cuts AI activation time from quarters to weeks.
Board & CEO Briefing
- What we scan
- Every completed scan — automatically generated alongside the technical report.
- What we find
- Business-language narrative written for your CEO, CFO, or board: financial exposure, regulatory risk, and operational impact — no HR system jargon.
- Business impact
- The one page that gets remediation funded. Consultants used to charge $20,000 for this framing alone.
Release Readiness Assessment
- What we scan
- Pre-R1 and pre-R2 audit across every impacted area.
- What we find
- Configuration that will break, regress, or change behaviour at release.
- Business impact
- Protects every release weekend from preventable incidents.
Remediation Plan Generation
- What we scan
- Every finding mapped to numbered fix steps and effort estimates.
- What we find
- A prioritised plan grouped This Week / This Month / This Quarter.
- Business impact
- Gives technical teams a runbook, not a complaint list.
White-Label Reporting
- What we scan
- Available on consulting firm plans.
- What we find
- Reports branded with your firm logo, name, and footer.
- Business impact
- Deliver the work as your own. Yoetz.ai stays invisible.
Multi-Tenant Management
- What we scan
- Available on consulting firm plans.
- What we find
- Every client tenant in a single dashboard with health scores and rescan controls.
- Business impact
- Manage 50 client tenants with the same effort as one.
Scheduled Scans
- What we scan
- All connected tenants on consulting plans — daily, weekly, or monthly cadence at any UTC hour you configure.
- What we find
- Configuration drift, regressions, and new gaps that emerge between manual engagement cycles. Email notifications fire to your team the moment each scan completes.
- Business impact
- Turns one-time assessments into continuous managed-service revenue. Clients stay covered 365 days a year — no manual trigger required.
Scan Comparison
- What we scan
- Any two completed scans for the same tenant, side-by-side.
- What we find
- Exactly which findings were resolved, which are new, and which persist. Full delta with severity breakdown and health score change.
- Business impact
- Makes every re-engagement billable — you can prove what changed and what your work fixed.
One-Click Jira Integration
- What we scan
- Any or all findings from a completed scan, per-tenant.
- What we find
- Issues created in your Jira project with severity labels, priority mapping, ADF-formatted descriptions, and a link back to the Yoetz scan.
- Business impact
- No copy-paste. Findings land in the team backlog in seconds — tracked, assigned, and actionable.
Platform Benchmarks
- What we scan
- Aggregate health scores and finding counts across all scans on the same platform (Workday, SAP SuccessFactors, Oracle HCM).
- What we find
- Where your client sits relative to the platform-wide average — above or below on health score and finding volume.
- Business impact
- Gives you a data-backed conversation starter in every client review: 'You're in the bottom quartile for Workday security — here's what top performers look like.'
REST API Access
- What we scan
- All tenants, scans, findings, and remediation data for your account.
- What we find
- Every scan result available as structured JSON — pull into your SIEM, Power BI, Looker, or internal reporting stack.
- Business impact
- Yoetz becomes a data source, not just a dashboard. Automate client reporting pipelines without touching the UI.
Remediation workflow
From finding to fix — tracked end-to-end.
A real security operations workflow, not a static PDF.
Step 1
Scan detects finding
AI surfaces a misconfiguration or risk with severity, owner, and verified fix steps.
Step 2
Team assigns & tracks status
Assign an owner, set status (Open → In Progress → Resolved), and capture notes.
Step 3
Push to Jira or mark resolved
One-click sync to your Jira project with severity labels, or close the loop in Yoetz.