SAP Access Control


-

What is SAP Access Control?

Improper access is a major security threat to SAP and other enterprise systems. The issue only gets worse as employees increasingly access their relevant applications remotely and on varying, often personal, devices. The goal of SAP Access Control is to ensure the right people are using the right software from the right device. It also helps track access information in case it needs to be reported later for compliance purposes or assessed for risk.

SAP Access Control’s key functions include:

  • Risk analysis
  • User provisioning
  • Monitoring privileges
  • Certifying authorizations
  • Integration with enterprise systems
  • Role definition and maintenance

Key SAP Access Control Considerations for SAPinsiders

What is SAP Access Control?

Improper access is a major security threat to SAP and other enterprise systems. The issue only gets worse as employees increasingly access their relevant applications remotely and on varying, often personal, devices. The goal of SAP Access Control is to ensure the right people are using the right software from the right device. It also helps track access information in case it needs to be reported later for compliance purposes or assessed for risk.

SAP Access Control’s key functions include:

  • Risk analysis
  • User provisioning
  • Monitoring privileges
  • Certifying authorizations
  • Integration with enterprise systems
  • Role definition and maintenance

Key SAP Access Control Considerations for SAPinsiders

  • Quantify how improving user access and identity management impacts the bottom line. Most governance, risk, and compliance (GRC) organizations surveyed for our recent User Access and Identity Management for SAP S/4HANA report are facing budget constraints. That can make it hard to invest in software like SAP Access Control, but you can build the business case by finding those areas where unauthorized access can be costly. Added costs can come from cyberattacks, fraud, compliance-related fines, and rework to address audit issues. The cybersecurity threats are real — over a quarter of respondents noted having an access-related security breach in our April 2021 Securing the SAP Landscape Against Cyber Threats report.
  • Audit your user access landscape. First, gain an understanding of which users are accessing which systems and why. Then, survey your users and identify which roles need which systems. These steps can help you be more efficient in integrating your access across your technology footprint.
  • Integrate user access and identity management across your technology stack as part of your migration. Respondents to our latest User Access and Identity Management survey who worked for leading organizations were much more likely to integrate user access and identity management as part of digital transformation and integrate identity management across their heterogeneous application landscapes. These actions can help you optimize investment in software like SAP Access Control and create a holistic user access and identity management strategy.
  • Centralize user access and identity processes to maximize your next technology investment. Centralizing user access and identity management can provide benefits that reduce risk, enable compliance, and make securing your systems easier. However, you must first unify the process by which you identify users and grant access to systems, no matter the business area or solution. That will make any technological investment more valuable when implemented.

76 results

  1. role assignment GRC access control

    Role Assignment Automation: Finding the Balance of Technology and Process

    Reading time: 2 mins

    Role assignment is fundamental to access control. How can technology and automation help reduce risk and manual effort?
  2. GRC

    Building More Effective Access Control Through Business-Centric GRC

    Reading time: 4 mins

    Companies can significantly reduce access risk and access overallocation through greater business involvement in access control. We spoke with Soterion Managing Director and Co-Founder Dudley Cartwright to discuss how organizations are creating business-centric GRC and access control. In this technology insight, we cover: - How business-centric access control engages business users in the access risk…
  3. Centralizing User Access Management image

    Centralizing User Access Management

    Reading time: 4 mins

    A global tools and storage company that generates $14.5B in annual revenue and employs more than 10,000 workers worldwide had more than 100 enterprise resources planning (ERP) systems to handle. To get a grip on this sprawl, the company decided to optimize its IT environment with a plan that included a migration of its financial…
  4. Video: Sanofi Streamlines Thousands of New Business Roles in User Access Management Update

    Reading time: 1 min

    At the same time that Sanofi was working on COVID-19 vaccines, it was also migrating from SAP ERP Central Component System to SAP S/4HANA. This was an ambitious undertaking considering the unique economic environment, the firm’s multinational reach, and the heavily regulated nature of the pharmaceutical industry. As part of this effort, the company updated…
  5. Sanofi Leverages SAP Access Control to Help Secure SAP S/4HANA Migration During COVID-19 Vaccine Response

    Reading time: 4 mins

    At the same time that Sanofi was working on COVID-19 vaccines, it was also working with Accenture and KPMG to migrate from SAP ERP Central Component System to SAP S/4HANA and consolidate and optimize its IT environment. This was an ambitious undertaking considering the unique economic environment, the firm’s multinational reach, and the heavily regulated…
  6. How you can Transform Access Governance and Control Testing with SAP Access Violation Management

    The direction is clear from the Office of the Auditor General of Canada: a proactive approach to managing risk is one of the best steps organizations can take to mitigate exposure to errors, irregularities, and fraud. But how can you be proactive if your controls over multiple applications are still mostly manual? Join this session…
  7. User Access and Identity Management for SAP S/4HANA Benchmark Report

    Reading time: 1 min

    In This Report: Access management often comes about through necessity rather than planning. Organizations today use a portfolio of systems that not all employees are authorized to use, so proper access management is critical. With cloud systems and remote work on the rise and increasing threats that seek to steal employee access, a more comprehensive…...…
  8. Saviynt Identity Management

    Build Effective Identity Management in Hybrid and Cloud Environments

    Reading time: 4 mins

    As more employees work remotely, and organizations shift to hybrid and cloud software and technology environments, identity management has become a more important piece of the access and security landscape. Critical assets no longer sit behind traditional firewalls, with employees accessing important corporate data from outside a single place of work. Automation can help companies…
  9. cutting it support costs through redesign image

    Cutting IT Support Costs Through Redesign

    Reading time: 4 mins

    Imperial Brands, one of the largest tobacco products companies in the world, saw an opportunity to reduce fraud risk and third-party IT costs by closing a gap in its segregation of duties (SoD) compliance. The gap become apparent when its auditors reported discrepancies between the company’s SoD audits and the SoD results coming from external…
  10. The Usual Suspects: Catching the culprits of SAP access risk

    The world is changing, and SAP ecosystems are changing with it, as more organizations migrate to the SAP S/4HANA platform. Whether you are on the latest version of SAP S/4HANA or still thinking about making the move from ECC, monitoring and managing access risk can be challenging. How can you be sure you are fundamentally…
  11. How to Implement SAP Cloud Identity Access Governance

    You’ve heard of the SAP Identity and Access Governance (IAG) cloud version—but do you know how this cloud version could be implemented into your existing environment? This presentation will walk you through SAP IAG implementation, from covering key requirements for on-premise and cloud environments to planning for connections to ABAP and cloud applications. You will…
  12. Panel | The direction and evolution of access control and identity management

    In 2021’s increasingly digital world, organizations will need to remain vigilant. As remote work continues for at least several more months, we can be sure that threat actors will continue to adapt their tactics to capitalize on employees working remotely. Without a clearly defined corporate perimeter, identity will be more important than ever when it…
  13. What’s New in Access Governance: Implications for identity access management and access control

    Most SAP customers have invested significantly in their on-premise landscape, including a high level of compliance and governance thanks to identity access management and governance solutions. But what happens to all of these solutions once you move to the cloud and need to manage access across the landscape all at the same time? In this…
  14. Secure access to cloud applications and services

    Modern enterprise solutions in the cloud-based system on a microservices architecture requires not only access protection with strong means of authentication but also the capabilities to protect subsequent app-to-service communication. Attend this session to: - Learn about recent innovations in the SAP Cloud Identity Services for multi-factor authentication based on FIDO2 - Explore FIDO2 -…
  15. How to modernize your SAP Access Control rule set and mitigating control library

    Being on the “latest and greatest” version of the GRC technology does not always mean that your GRC rule set or mitigations are current and accurate for your business. How can you be sure that your controls and processes are up to date, accurate, and reflective of compliance standards? In this session we will explore…
  16. How Identity and Access Management Technology Is Supporting People Power

    Reading time: 9 mins

    As more organizations operate in a remote work environment, effectively controlling access to corporate resources becomes imperative. Automated identity and access management (IAM) along with strategic human decision-making are critical to protecting resources and data. At the same time, IAM automation needs to be integrated into business policies and processes, advises James Roeske, CEO of…
  17. Q&A: How Protiviti’s Identropy Acquisition Meets Growing Identity and Access Management Demands

    Reading time: 5 mins

    by Annie Kennedy, SAPinsider In the past year, a global shift to remote working and transformations to digital environments have amplified business’ need for more efficient and secure access governance. SAPinsider spoke with management and technology consulting firm Protiviti about how their recent acquisition of Identropy, which specializes in identity and access management (IAM), can…
  18. User Identity, Access Management, and Security

    Reading time: 3 mins

    As companies move from on premise to the cloud and become more complex, it is paramount to have the correct user identity and access management. How are companies provisioning user access, managing access, and maintaining their systems in an ever-changing environment? Presentations will arm you with best practices for monitoring and managing user access. Learn…
  19. Mahindre CIE crankshaft

    Mahindra CIE Automotive Ltd. Reduces Risk and Hours of Manual Effort by Automating Its SAP User Provisioning Processes

    Reading time: 6 mins

    Mahindra CIE Automotive Ltd. (MCIE), as a growing, publicly traded, international company, must follow a variety of regulations and compliance standards and undergo various statutory audits. In the first quarter of 2019, the company’s board of directors stressed the importance of putting in place stronger security and compliance controls to provide better assurance to investors…
  20. Single Sign-On (SSO) and Multi-Factor Authentication: How You can use Both Together

    Single Sign-On (SSO), combined with 2-factor/multi-factor authentication (2FA/MFA) can — if not implemented correctly — negatively affect user experience and cause frustration, reducing productivity. Attend this session to find out how to reduce this potential negative impact using the CyberSafe TrustBroker products and watch a live demo of some typical user logon scenarios and solutions.…
  21. Lessons Learned From Stanley Black & Decker’s SOD-free Role Design During an SAP S/4HANA Implementation

    Watch this session to learn how Stanley Black and Decker (SBD) designed a Fiori security architecture for SAP S/4HAHA and Central Finance. In addition, discover how SBD built in a robust set of configurable controls to automate, optimize, and standardize business processes. Lastly, explore how SBD leveraged Access Control 10.1 to enable continuous compliance of…
  22. Case Study: How Stryker simplified and automated user access with SAP GRC solutions

    Medical technologies company Stryker evolved from a manual request process using ServiceNow and DocuSign platforms to an automated workflow for FDA training, approval verification, compliance, and automated provisioning. In this session, learn how Stryker improved its governance process by eliminating offline emails and e-signatures that were previously required before access could be granted to key…
  23. SAP GRC Access Control 12.0 and SAP Cloud Identity Access Governance

    This session will explore the details of functionality, differentiators, and important platform aspects in the latest SAP GRC On-Premise and Cloud provisioning and compliance solutions. You will gain detail insight into the SAP Compliance applications of SAP GRC Access Control 12.0 and SAP Cloud Identity Access Governance and which application, platform, and functionality is best…
  24. Don’t let privileged user access to HR, procurement and other Cloud applications disrupt business

    Although the risks associated with privileged accounts in business applications are known, few organizations truly understand how exposed they are. Forrester estimates that 80% of security breaches involve privileged credentials. By leaving the management of privileged accounts to system administrators, organizations expose themselves to negligent password management, accounts that are never deprovisioned, and an increased…
  25. Automating Access Governance in a Cloud-Based Landscape

    Reading time: 6 mins

    According to our research, the most popular GRC solution being used by the SAPinsider Community is SAP Access Control. And yet more than half (63%) said that their current GRC solutions do not meet the need to effectively handle risk analysis and mitigation for cloud-based products without some sort of connector or bridge to a…
  26. The New Math for Information Technology, Operational Technology and Physical Security for Secure Workforce and Workspace Access Management

    Reading time: 0 min

    Utilities are extra-critical infrastructures with complex security requirements. New sophisticated threats that live in both cyber and physical domains stand poised and ready to attack—with potential, ongoing risk to IT, Operational Technology (OT), and Physical Security. Addressing these escalating threats requires a new formula and approach where 1 + 1 + 1 equals 0. With…
  27. Advanced Workforce and Workspace Intelligence, Identify and Access Management and Forward-Looking Financial Enterprises

    Reading time: 0 min

    In spite of continued spending on technologies and initiatives, security incidents at financial institutions continue to rise, evidenced by escalating high-profile external and insider-led attacks. Security experts agree that the current approach of dealing with security in departmental silos is leading to increased risk, rising security costs and a climate of mistrust on the part…
  28. The Essential Pillars of PIAM

    Reading time: 0 min

    For today’s enterprise on a digital transformation journey, there are four essential pillars of Physical Identity Access Management (PIAM) to consider: Converged cyber-physical onboarding and offboarding Self-service access request across the enterprise Automated physical access reviews and re-certification Identity Intelligence and risk scoring Find other insightful content from AlertEnterprise on their Vendor Showcase
  29. 8 Steps to An Effective Physical Identity Access Management Strategy

    Reading time: 0 min

    Identity, trust and security are at the heart of enterprise digital transformation, making it easier and faster to engage customers and partners, create amazing experiences and offerings and level up operations. Security is now a true business enabler. Find other insightful content from AlertEnterprise on their Vendor Showcase
  30. The Role of Physical Identity Access Management During A Pandemic

    Reading time: 0 min

    As COVID-19 strengthens its grip across the globe with over 1 million cases of infected people and the World Health Organization (WHO) declaring it a pandemic, it’s important for us to have a conversation about how and where technology can support enterprise efforts to protect its workforce. Find other insightful content from AlertEnterprise on their Vendor Showcase
  31. Robot typing

    Leveraging RPA and Web Services to Automate SAP Governance with SAP Access Control

    Reading time: 5 mins

    As part of the maturing of the the governance processes at Jabil, the company leveraged several automation techniques to reduce manual tasks and streamline repetitive activities. The governance team employed robotic process automation (RPA) technology and the use of standard web services to automate various activities. Learn more about how the company leveraged RPA and…
  32. firefighter

    Brighthouse Financial Accelerates User Provisioning Cycles

    Reading time: 4 mins

    Before integrating Saviynt’s Identity Governance and Administration (IGA) solution and SAP Access Control, Brighthouse Financial ran an entirely manual user provisioning process using an access request feature in SharePoint. This case study explains how the Fortune 500 company improved their user provisioning processes for SAP products with SAP Access Control and then implemented Saviynt’s IGA…
  33. Learn How to Handle Access Security in SAP with this eBook

    Reading time: 0 min

    Why are access controls in SAP so important? While most people are not trying to steal from the company they work for even the most honest human beings can turn into fraudsters. Setting up important access controls, and defining who can do what and how those measures prevent turning your honest coworker into a potential…
  34. SAP Access Controls: Protect Your Company from Fraud

    Reading time: 1 min

    Many companies in the world are running SAP and regardless of company size, there are always multiple people in various roles using the system to enter and obtain information. However, that does not mean they all need access to the same information. In fact, it is in the company’s best interest to limit access to…
  35. Drinking Water Company Vitens Connects HR and GRC Business Roles to Achieve an 80% Automated Provisioning Rate

    Reading time: 9 mins

    For global organizations that serve millions of customers who depend on on-time delivery of products and services, having efficient processes to onboard new employees is critical. One such SAP customer is Vitens — a drinking water company with 1,400 internal employees that serves 5.6 million customers across five provinces in The Netherlands and maintains 49,000…
  36. Cooper Standard Accelerates Cross-Platform Access Management

    Reading time: 8 mins

    When Cooper Standard — systems and components provider for the automotive and industrial industries — saw the need to automate access management, the company undertook a project would affect over 11,000 desktop users, require defining common processes to meet compliance requirements, and improve control over its heterogenous SAP and non-SAP application landscape. Learn how the company came…
  37. Access Controls: Protect Your Company From Fraud With The 5 W’s

    Reading time: 0 min

    Access Controls: Protect Your Company from Fraud with the 5 W’s
  38. GRC: Case study: How Mars successfully completed a global SAP security redesign with SAP Access Control and built a security “playbook” to guide the project

    Reading time: 1 min

    Learn how Mars revamped its SAP security, minimized segregation of duties (SoD) risk, and increased efficiencies around access provisioning. Click this link to view the slides from this session — GRC2017_Kowalick_Casestudyhowmarssuccessfully.   Donna Kowalick If you have comments about this article or publication, or would like to submit an article idea, please contact the editor…....…
  39. GRC: Case study: How Newport News Shipbuilding analyzed over 2,000 custom transactions in order to assess their impact on its control framework

    Reading time: 1 min

    Learn how Newport News Shipbuilding leveraged SAP access risk analysis to review over 2,000 custom transactions across 6,000 programs created with 15 million lines of custom code to assess their impact on its control framework. Click this link to view the slides from this session — GRC2017_Rogers_Casestudyhownewportnews. Deborah Rogers If you have comments about this article…...…
  40. GRC: Case study: How Stanley Black & Decker implemented and manages SAP Access Control for multiple SAP instances

    Reading time: 1 min

    Learn how Stanley Black & Decker implemented SAP Access Control to manage and mitigate security risks, improve SoD reporting capabilities, and automate its security provisioning processes. Click this link to view the slides from this session — GRC2017_Hodge_Casestudyhowstanley_V2.   Rebecca Hodge If you have comments about this article or publication, or would like to submit…...…
  41. GRC: Case study: How Johnson & Johnson deployed SAP Access Control to advance its corporate risk and compliance imperatives

    Reading time: 1 min

    Learn how Johnson & Johnson deployed a global SAP Access Control blueprint for a highly decentralized environment. Click this link to view the slides from this session — GRC2017_Paradkar_Nash_Casestudyhowjohnsonjohnsondeployed.   Alka Paradkar If you have comments about this article or publication, or would like to submit an article idea, please contact the editor. Neena Nash…...…
  42. HR: Case study: Insights into Valero Energy’s HCM security processes

    Reading time: 1 min

    Since implementing on-premise security 10 years ago, Valero Energy has gone through numerous reorganizations as a result of acquisitions, divestitures, integration of its Canadian employee base, and an implementation of ESS/MSS functionality. Its security processes also evolved to keep up with the new or changed roles. Find out lessons learned and gain insights into vulnerabilities…...…
  43. GRC: Case study: Transforming access security through a role rebuild at Armstrong Flooring

    Reading time: 1 min

    Learn how Armstrong Flooring undertook a full role rebuild, leveraging usage reports from SAP Access Control and implementing a task-based architecture here Richard Batchelor If you have comments about this article or publication, or would like to submit an article idea, please contact the editor…. This content is available to Premium Members. Sign In Learn...…
  44. GRC: Case study: How ConocoPhillips conducts user access reviews and monitors transaction usage in SAP Access Control

    Reading time: 1 min

    Learn how ConocoPhillips uses SAP Access Control tools to conduct periodic reviews, gather transaction usage statistics, and determine who is accessing its SAP systems. here Trevor Wyatt If you have comments about this article or publication, or would like to submit an article idea, please contact the editor…. This content is available to Premium Members....…
  45. GRC: Case study: How Mars transitioned to a new SAP security architecture and access governance model

    Reading time: 1 min

    See how Mars transitioned its largest SAP user population to a new global security architecture and governance process. here Sarah Wechsler If you have comments about this article or publication, or would like to submit an article idea, please contact the editor. Cesar Coronado If you have comments about this article or publication, or would…...…
  46. Four Steps To Reduce Indirect Access Risks

    Reading time: 0 min

    Keeping on top of SAP licensing is an increasingly time-consuming and complex task for all SAP customers. The correlation between licenses defined in a contract versus technical entitlement to use the SAP system has always been open to interpretation.
  47. SAP C/4HANA and SAP Cloud Identity Access Governance: Unified Identity Management

    Reading time: 1 min

    Audio pioneer Dolby Laboratories, which has been delivering audiophiles a superior sound and sight experience since the 1970s, decided in 2016 that it wanted an equally stringent level of quality assurance for its business process testing. The business sought a risk-based automated testing solution to reduce or eliminate regression test coverage gaps and lengthy testing…
  48. Conquer User Access Reviews in SAP Systems Once and for All

    Reading time: 4 mins

    Reviewing SAP system user access can be a painful and time-consuming process. Performing these reviews manually without automation can be costly, slow, and result in inaccuracies. The article highlights five strategies that can take the sting out of completing user access reviews. Learn about automated solutions that offer benefits such as zero implementation time or…
  49. How to Automate Firefighter ID Reviews Using SAP Access Control 10.1

    Reading time: 6 mins

    Learn about the different aspects and flexibility of Firefighter ID review requests in SAP Access Control 10.1. Firefighter ID review is an automated process to review the Firefighter ID assignments of the firefighters made by the firefighter owners and controllers and to remove Firefighter ID assignments. Key Concept Using the Firefighter ID review background jobs,…...…
  50. J.K. Cement Strengthens Its Controls Environment

    Reading time: 15 mins

    The technology infrastructure of cement producer J.K. Cement needed to tighten up its controls. Its ten-year-old SAP system had added thousands of users and vendors, and a slew of manual, paper-based processes led to too many segregation of duties (SoD) conflicts and too much possibility for fraud. Learn how the company adopted nine Security Weaver…
  51. Mass Maintenance of Mitigation Control Owners and Risk Owners in SAP Access Control 10.1

    Reading time: 6 mins

    Sergei Peleshuk provides an overview of SAP BW/4HANA and key considerations to think about when making the decision to migrate. This content is available to Premium Members. Sign In Learn more about Premium Access
  52. Make Sure Ineffective Mitigation Controls in SAP Process Control Don’t Live On in SAP Access Control

    Reading time: 10 mins

    Sergei Peleshuk provides an overview of SAP BW/4HANA and key considerations to think about when making the decision to migrate. This content is available to Premium Members. Sign In Learn more about Premium Access
  53. Speed Up Repository Object Synchronization with a New BAdI

    Reading time: 8 mins

    Sergei Peleshuk provides an overview of SAP BW/4HANA and key considerations to think about when making the decision to migrate. This content is available to Premium Members. Sign In Learn more about Premium Access
  54. Past-to-Present SAP Access Management Best Practices

    Reading time: 13 mins

    What do you do when what used to be acceptable is no longer adequate? How efficiently is your organization managing SAP ERP access and role-design? How pleased are your auditors with the control and reporting you offer? How pleased are your users with the processes they have to follow to get and retain access? How…...…
  55. A Walk Through Ticketing Functionality in SAP Access Control 10.1

    Reading time: 8 mins

    The integration of data and processes among different SAP systems has always been challenging and expensive in development. You can dramatically reduce the development effort in system integration by exploring the generic presentation of functions/methods and the generic presentation of parameters in a generic Remote Function Call (RFC). Key Concept Ticketing functionality gives role designers…...…
  56. Live from SAPinsider Studio: Customer Panel on ERP Maestro

    GRC practitioners Carol Chapman of American National Insurance and Kevin Lester of Dominion Diamond Corp share how their companies realized enormous benefits through ERP Maestro. The conversation occurred during the Financials/GRC 2017 conference held in Las Vegas, Nevada. Topics covered include: • The challenges each company was facing around SAP access controls • How ERP…...…
  57. Live from SAPinsider Studio: American Outdoor Brands GRC Initiative Leads to Improved Controls

    Joshua Lowy, Head of Internal Audit at American Outdoor Brands, shares how American Outdoors Brand deployed SAP Access Control and implemented an SoD waiver form. The conversation occurred during the Financials/GRC 2017 conference held in Las Vegas, Nevada. Topics covered include: How access roles are kept clean for users with separate responsibilities How existing SoD…...…
  58. Relaxo Footwears Takes Huge Strides to Improve SAP User Management

    Reading time: 12 mins

    Relaxo Footwears Limited -- the largest footwear manufacturer in India -- produces roughly 600,000 pairs of shoes each day, which are sold through 900 distributors promoting 11 brands and 300 retail outlets in 125 cities across the country. Since implementing SAP Apparel and Footwear in 2009, Relaxo has more than doubled its SAP licenses, and…
  59. Live from SAPinsider Studio: The Last Mile of SoD Management

    Susan Stapleton, Vice President of the Customer Advisory Office at Greenlight, shares what the last mile of SoD management entails and provides advice on how to get there. The conversation occurred during the Financials/GRC 2017 conference held in Las Vegas, Nevada. Topics covered include: • What was involved in the previous miles that led up…...…
  60. The Never-Ending Opportunities with SAP Projects

    Reading time: 6 mins

    Audio pioneer Dolby Laboratories, which has been delivering audiophiles a superior sound and sight experience since the 1970s, decided in 2016 that it wanted an equally stringent level of quality assurance for its business process testing. The business sought a risk-based automated testing solution to reduce or eliminate regression test coverage gaps and lengthy testing…
  61. American Outdoor Brands Takes Aim at a New Beginning

    Reading time: 6 mins

    American Outdoor Brands Corporation (AOBC) is experiencing the beginning of a new business direction. Originally the well-known firearms company Smith and Wesson, recent success has led AOBC to rapid acquisitions, expansion into new markets, and a rebranding that reflects its broadened focus. But in order to continue this growth, AOBC needed a new IT infrastructure…
  62. Learn How to Prepare Your User Access Review to Comply with the General Data Protection Regulation (GDPR)

    Reading time: 7 mins

    Sergei Peleshuk provides an overview of SAP BW/4HANA and key considerations to think about when making the decision to migrate. This content is available to Premium Members. Sign In Learn more about Premium Access
  63. ConocoPhillips Drills Down into Access Control

    Reading time: 6 mins

    Photo courtesy of ConocoPhillips ConocoPhillips, one of the world’s largest independent oil and gas exploration and production companies, relies on proper access control and segregation of duties (SoD) to manage its governance, risk, and compliance (GRC) requirements. As an SAP Access Control customer since 2009, ConocoPhillips understands the importance of regularly updating the application and…
  64. Examining the Features of Business Role Versioning in SAP Access Control 10.1

    Reading time: 11 mins

    Business role versioning is a functionality introduced in SAP Access Control 10.1 that enables you to have an active and a draft version of a business role. After implementing business role versioning, users can edit business roles by adding or removing new roles without affecting the active version of the business role. This content is…
  65. Business Role Versioning Added in SAP Access Control 10.1

    Reading time: 11 mins

    Business role versioning is a functionality introduced in SAP Access Control 10.1 that enables you to have an active and a draft version of a business role. After implementing business role versioning, users can edit business roles by adding or removing new roles without affecting the active version of the business role. Key Concept Business…...…
  66. Dalmia Bharat Group Mitigates Access Risks in Growing SAP Landscape

    Reading time: 12 mins

    Dalmia Bharat Group – whose businesses cover products ranging from cement to sugar – was growing at an impressive rate. The company expanded from $400 million to $2 billion in the course of a decade, much of this growth stemming from acquisitions of new manufacturing facilities. Such a rapid rate of acquisitions brought its own…
  67. Manage Identities and Optimize Compliance with SAP Cloud Identity Access Governance

    Reading time: 12 mins

    SAP Cloud Identity Access Governance provides real-time access governance and continuous monitoring of user access by immediately calculating the access analysis results as a background activity. Organizations can choose one or all of the services of SAP Cloud Identity Access Governance, depending on their business needs. It can easily be extended across the enterprise as…...…
  68. Live Q&A: Take the stress off your SAP Access Control 10.1 implementation

    Reading time: 24 mins

    Get answers to your questions on SAP Access Control 10.1 implementations, from budget and personnel resources to common pain points and blueprinting best practices. Meet the panelist:  Dylan Hack, Deloitte & Touche, LLP Dylan Hack is a Manager with Deloitte & Touche, LLP. He has 15 years of SAP project experience with global clients in…...…
  69. Manage Invalid Mitigations in SAP Access Control 10.1

    Reading time: 9 mins

    Learn about the different aspects and flexibility of risk mitigations in SAP Access Control 10.1. Access risk mitigation is used to mitigate access risk violations. It is applicable for all types of risks for different objects such as users, roles, profiles, and HR objects (job, org unit, and position) in SAP Access Control. Access risk…...…
  70. Debunking Access Control Myths

    Reading time: 3 mins

    When it comes to access control, there are a lot of inaccuracies and misunderstandings floating around. And when these misunderstandings go unchallenged, they can cost businesses significant amounts of money and time. So how can you cut through these falsehoods and implement an access control strategy that’s based on truth? This article helps you get…
  71. Live from SAPinsider Studio: Citrix Systems on SAP Access Violation Management by Greenlight

    Danielle Bass of Citrix Systems discusses her company’s use of SAP Access Violation Management (AVM) from Greenlight Technologies with Susan Stapleton of Greenlight at the 2016 SAPinsider GRC event in Las Vegas. This is an edited version of the transcript: Susan Stapleton, Greenlight Technologies: Hi, I’m Susan Stapleton with Greenlight Technologies. We’re here at the…...…
  72. SAP HANA Security: Preventing the Internal Threat

    Reading time: 3 mins

    Audio pioneer Dolby Laboratories, which has been delivering audiophiles a superior sound and sight experience since the 1970s, decided in 2016 that it wanted an equally stringent level of quality assurance for its business process testing. The business sought a risk-based automated testing solution to reduce or eliminate regression test coverage gaps and lengthy testing…
  73. Make the Best Use of Training Verification Functionality in SAP Access Control

    Reading time: 10 mins

    Nitin Aggarwal and Sanjeev Kotwal show how to use the training verification functionality in SAP Access Control to automate the training check in the user access provisioning process. Key Concept SAP Access Control is used to provision roles or profiles to users in back-end systems in a compliant way. Every request for access submitted in…...…
  74. Role Certification in SAP Access Control 10.0

    Reading time: 7 mins

    Learn about the different aspects and flexibility of role management in SAP Access Control 10.0. Business Role Management, commonly known as BRM, is used to create and manage different types of roles in SAP Access Control. Key Concept Role certification is the process by which an administrator can notify role owners to recheck the roles…...…
  75. SAP Access Control Implementation: The Myths, Truths, and Tricks (Part 2)

    Reading time: 21 mins

    Correct certain assumptions about the SAP Access Control system that are not necessarily true and obtain guidance on how to meet specific complex business requirements during an implementation project, including maintenance and support activities. Key Concept Myth is often the result of wishful thinking about the capability of a product that most times is unfounded…....…
  76. SAP Access Control Implementation: The Myth, Truth, and Tricks (Part 2)

    Reading time: 20 mins

    Correct certain assumptions about the SAP Access Control system that are not necessarily true and obtain guidance on how to meet specific complex business requirements during an implementation project, including maintenance and support activities. This content is available to (General or Premium) members. Sign in or Join for free! Sign In Become a Member