AGLEA Blog

How does one know if you have set up a good authorization concept in SAP??

What are the metrics and how to best exploit them? Does a SAP Security Score exist? 

Is it really possible that external consultants do not have any access to SAP production systems? 

Clearly there are various case studies, occasional or ongoing consultants, for example for maintenance contracts.

Is it really necessary to release an access to the production systems even in this last case? Can we control what happens and why it is requested?

Are you an auditor? Or an IT manager who wants to monitor the data of his own SAP systems? 

Is it possible to assign privileges without leaving traces or almost?

That’s why you need to know what are the potential risks in the SAP system and how you can mitigate them!

Do you have to choose or change the help desk or ticket management system? 

Here are the focus points to consider, based on our experience.

What is it for?

This tool allows you to trace the activities of one or more SAP users at application level. Can also be used to connect SAP to a third SIEM (Security Information and Event Management) or the solution SAP Enterprise Threat Detection (ETD).

Have you installed one of SAP GRC Systems? Here you are 10 helpful tips on how to improve the usage of the SAP Governance suite.

Different systems are covered by the SAP GRC area (Governance, Risk and Compliance). The main ones are:  

• SAP GRC Access Control
• SAP GRC Process Control
• SAP GRC Risk Management
• SAP Global Trade Services (GTS)
• SAP Environment, Health and Safety (EHS)
• SAP Cloud Identity Access Governance

10 focus points that you might want to apply! 

What is the basic role? 

The basic role is a container of some of the permissions that all users should have. 

It is a set of utilities, not critical and useful in some moments. How should it be build up and what should it contain?