SAP Access Control

Systematically detect and prevent access violations

Permissions conflicts, where the wrong users are given the authority to monitor certain functions as well as perform them, are a significant risk for businesses. The SAP Access Control software solution is a tool for SAP permissions management that helps to identify this type of conflict according to the company’s compliance requirements and – more importantly – prevent them from happening in the first place.

Compliance requires holistic authorization management

An optimal and automated solution is needed to ensure a wide range of compliance requirements (IKS, SOX, FDA) and enterprise-wide authorization and access control policies. The implementation of the SAP Access Control software solution helps companies to fully meet these requirements. SAP Access Control is a component of SAP's Governance, Risk & Compliance Suite (GRC) that enables companies to build a holistic control system for authorization management of SAP systems and beyond.

Separation of critical functions

SAP Access Control supports a preventative separation strategy for critical functions, designed to help prevent unauthorized access. This effectively eliminates many of the most common access risks associated with user permissions and superusers. Furthermore, all existing users and roles defined in the system can be checked initially or at regular intervals against a set of rules. Any errors or permissions conflicts identified by the review that violate the principle of Segregation of Duties (SoD) can be systematically resolved or manually approved (mitigated) by appropriately trained professionals by defining exceptions. These exceptions can be configured to be automatic, semi-automatic, or fully manual.

Less data abuse thanks to proactive risk audits

SAP Access Control gives you a way to clearly define, delineate, and periodically review the access to your business processes. Proactive risk assessment identifies and eliminates risks. As a bonus, the software makes it easy to define and implement roles and manage emergency access rights according to the principles of best practice. This can massively reduce instances of unauthorized access and criminal data misuse. SAP Access Control enables businesses to review all existing users and roles against a well-established company security policy.

Audit-proof emergency access management

As part of SAP Access Control, SAP Emergency Access Management (EAM) provides the ability to manage emergency situations professionally with a complete audit trail. With the help of so-called Firefighter IDs, selected users can be temporarily granted elevated permissions on the systems. The application process for these IDs can be customized and access to these IDs, also known as superuser permissions, granted centrally. The comprehensive logging of all Firefighter activities ensures traceability for legal and company-specific compliance requirements.

Product characteristics & features

  • Rule and legal authorization assignment with release workflows
  • Management von Superuser-Berechtigungen (Firefighter-IDs)
  • Integration of authorised representatives as well as procedures for risk analysis and elimination
  • Integrated workflow engine that detects and automates appropriate approval paths for role assignments
  • Compatible with both classical relational databases and the in-memory database SAP HANA
  • Integration of SAP NetWeaver Identity Management for holistic, audit-proof user and access management

Your benefits at a glance

  • Enterprise-wide role management with integrated risk assessment
  • Automatically detect and resolve permission conflicts
  • Increased efficiency through automatic processing of user requests
  • Comprehensive reporting capabilities for compliance requirements and audits
  • Automatic verification of user access and role shares
  • Maintaining user roles through departments instead of IT
  • Compliance-compliant access and authorization control across all IT systems
  • Compliant Identity Management in combination with SAP Identity Management
  • Audit-compliant emergency management with SAP Emergency Access Management (EAM)
  • Modern UI5-based user interface

"Against the background of complex compliance requirements, SAP Access Control helps companies implement holistic authorization management that benefits companies in many ways. Separation of critical factors, combined with automated risk analysis, allows you to proactively manage permissions in your organization. And of course also in an emergency."

Olaf Tetzlaff (Your GRC Expert)