Compliance requires holistic authorization management
An optimal, automated solution is needed to meet a wide range of compliance requirements (IKS, SOX, FDA) and to enforce enterprise-wide authorization and access control policies. The implementation of the SAP Access Control software solution helps companies to fully meet these requirements. SAP Access Control is a component of SAP's Governance, Risk & Compliance Suite (GRC) that enables companies to build a holistic control system for authorization management of SAP systems and beyond.
Separation of critical functions
SAP Access Control supports a preventative separation strategy for critical functions, designed to help prevent unauthorized access. This effectively eliminates many of the most common access risks associated with user permissions and superusers. Furthermore, all existing users and roles defined in the system can be checked initially or at regular intervals against a set of rules. Any errors or permission conflicts that the review identifies as violating the principle of Segregation of Duties (SoD) can be systematically resolved, or appropriately trained professionals can manually approve (mitigate) them by defining exceptions. These exceptions can be configured to be automatic, semi-automatic, or fully manual.
Less data abuse thanks to proactive risk audits
SAP Access Control gives you a way to clearly define, delineate, and periodically review the access to your business processes. Proactive risk assessment identifies and eliminates risks. As a bonus, the software makes it easy to define and implement roles and manage emergency access rights according to the principles of best practice. This can massively reduce instances of unauthorized access and criminal data misuse. SAP Access Control enables businesses to review all existing users and roles against a well-established company security policy.
Audit-proof emergency access management
As part of SAP Access Control, SAP Emergency Access Management (EAM) provides the ability to manage emergency situations professionally with a complete audit trail. With the help of so-called Firefighter IDs, selected users can be temporarily granted elevated permissions on the systems. The application process for these IDs can be customized, and access to these IDs, also known as superuser permissions, can be granted centrally. The comprehensive logging of all Firefighter activities ensures traceability for legal and company-specific compliance requirements.
Product characteristics & features
- Rule-compliant and legally compliant authorization assignment with release workflows
- Management of superuser (Firefighter) IDs
- Integration of authorized representatives as well as procedures for risk analysis and elimination
- Integrated workflow engine that detects and automates appropriate approval paths for role assignments
- Compatible with both classical relational databases and the in-memory database SAP HANA
- Integration of SAP NetWeaver Identity Management for holistic, audit-proof user and access management
"Against the background of complex compliance requirements, SAP Access Control helps companies implement holistic authorization management that benefits companies in many ways. Separation of critical factors, combined with automated risk analysis, allows you to proactively manage permissions in your organization, especially in an emergency."
Olaf Tetzlaff (Your GRC Expert)