SAP Security: Dealing with cross-division access in Saint-Gobain

⇨ Consistency in role methodologies is critical for large groups, especially when using outsourced providers.

⇨ Access risk solutions are a necessary foundation for effective access control, but education and ownership among process owners are also essential.

⇨ Governance, risk, and compliance is a continuous journey that requires ongoing efforts to manage access control and mitigate risks.

Saint-Gobain South Africa faced unique access control issues due to having multiple companies within a shared SAP ecosystem. With a mix of role methodologies and outsourced providers, they consistently failed access control audits. Through implementing a GRC solution and a role redesign, they established a solid foundation for access control and mitigated risks. Continual efforts such as user access reviews and identity management will ensure that their access control is effectively managed.

Download the case study to discover the critical lessons learned from Saint-Gobain South Africa’s access control journey and how they established a solid foundation for managing risks.