SAP Security & Authorizations
Security state assessment
An important element of the security state assessment is conducting an review and determining the current state of the application system security. The basic assessment is to verify the current user rights in the system are accurate and are reflecting employee job description. Such a process can take place for both business users as well as employees and IT contractors.
SAP configurable controls
SAP business process configurable controls drive the way business process risks are mitigated. There are numerous SAP configuration parameters that can be leverage as automated controls within standard SAP functionality. During initial system implementation project, different objectives have priorities, therefore many system parameters are not set for best practices. As a result, many typical business process risks are not covered, as controls components were not considered during system implementation blueprint phase. By optimizing SAP control, organization can reduce the risk of fraudulent activity, improve their effectiveness in monitoring business process risks.
Role and authorization redesign
Our company, based on audit background and the technical expertise of our consultants, offers services in the area of role redesign and authorization in the SAP system. We start from developing a business concept for user access roles, including SoD matrix (Segregation of Duties) requirements, to technical implementation of roles in SAP systems and support post-implementation. Our approach considers internal security and access risks requirements of the company and external regulations.
Periodic user access review
One of the key challenges, for security administrators, is to conduct periodic certification of user to role assignments. User authorization topic is very complex in SAP system, mainly due to massive number of roles and profiles assigned to user. This make periodic user access review difficult to execute, and sometime in extreme cases, this process is not carried at all. This process needs to support by external GRC tools (SAP GRC, smartGRC). Implementing a tool in this area can bring significant savings in the use of internal resources - both on the IT side preparing the review, as well as on the side of business departments, which are often responsible for verification of entitlements.
Work on enhancing the SAP security and authorizations are processes that are directly influenced by audits, implementation of new functionalities, and changes in the legal environment. Adapting the organization to new requirements is an action requiring thorough domain knowledge and knowledge of best market practices.
As a response to these challenges, we support SAP security teams in the following areas:
- Role redesign and SAP authorization improvements - analysis and re-design of business role catalogs, technical role implementation, support in role tests, and post-implementation support.
- Support in the implementation of new requirements for the current SAP application roles architectures, for example: limiting access to personal data, implementation of segregation of duties (SoD), removal of critical access.
- Support for migration to S / 4HANA - adaptation of current role catalogs to the requirements of S / 4HANA, assessment and implementation of changes in segregation of responsibility (SoD) matrices.
- Implementation and support for GRC tools such as smartGRC, SAP GRC and others - implementation of additional functionalities and areas, error handling, user support.
- Construction and modification of segregation of duties (SoD) - analysis of the current situation and customer requirements, transaction mapping, implementation of changes in the matrix, tests.
- User support - ticket service, preparation of reports and analyzes, support during SoD analyzes, reviews and certification of permissions.
Loan staff - hire our SAP security consultants to support your security team in a full-time manner. In this cooperation model, the consultant works full-time under the client's management, performing the tasks assigned by him. Hiring consultants is an ideal proposition for companies that:
Project support - hire our team to support your SAP security challenge in role redesign project in a fixed fee agreement or more flexible time & material support.