The business application security initiative (BIZEC.org) is a non-profit organization that focuses on security defects in business applications. These applications are responsible for processing and managing the most critical business information and processes, which turns their protection into a key subject for private, governmental and defense organizations around the globe.
These days, many security professionals believe that ERP security is a synonym for "Segregation of Duties". While functional security is highly important, there are many other threats which imply higher levels of risk and are not usually properly assessed. The work of BIZEC is centered on risk rather than on technical details. This enables organizations to understand the impact of application security vulnerabilities and prioritize their mitigation accordingly.