Integrating an SoD framework into your security processes is a challenge requiring you to put and precisely fit together the following main components:
– SAP Authorization Concept
– SAP Segregation of Duties Matrix / risk rules
– The company’s organization and processes
Service: We help you with our SoD Maturity Check to evaluate your readiness and the appropriate strategy for the “Get Clean” or / and “Stay Clean” SAP security phases. Following options are available:
– SoD Risk Analysis of your users and roles based on the standard best practice SoD rules maintained in our own or your SAP GRC Access Control system.
– We help you to interpret results and to prepare a results summary.
– Evaluate efforts for and perform the customization of the SAP standard SoD matrix (to custom authorizations and transactions, processes, controls, risk appetite, …)
– Design and implementation of the clean-up role.
– Supporting or conducting the SoD clean-up (removing authorizations from users).
– Evaluation and restriction of the organizational impact of SoD clean-ups.
Benefit: find the right way to establish sufficient transparency and compliance in your security concept. You don’t have to buy the SAP Access Control license for our SoD Risk analysis & SoD maturity check services; this gives you time to evaluate your security strategy and helps to ensure that your future investment is well-substantiated. We can offer our own SAP Access Control environmment if you seek to further optimize the infrastructure cost.