Service: One of the quick wins customers can achieve by implementing SAP GRC is establishing an Emergency Access Management (EAM) process. While the administration, reporting or monitoring of extensive activity logs are done centrally in an SAP GRC application, access to firefighting activity can be done either centralized via SAP Access Control or directly in the ERP system. The firefighting process can be setup based on Firefighting IDs (users with extensive rights) or Firefighting roles.
Benefit: Temporary and compliant assignment of extensive rights (firefighting activities) is subject to extensive logging, monitoring, and notification or approval (if required). This will help you to get rid of the audit finding Nr. 1 – extensive authorizations in a productive environment in the most efficient and compliant manner.