SAP Access Control focuses on the traceable management and consistent distribution of users and authorizations throughout their lifecycle – assignment, repeated adjustments, deletion. The solution enables you to flexibly map your individual workflows so that required user accounts, roles and authorizations can be assigned in a rule-based and automated manner. All changes to authorizations and user data are logged traceably. In addition, emergency access (EAM) can be created via the firefighter workflow to minimize economic damage.
The risk analysis of users and authorizations helps to avoid SoD conflicts and to significantly increase security in applications. Already during the role application via Access Request, it is calculated which risks will arise from new authorizations. The approver can directly store a mitigation to eliminate the resulting risk.
SAP Access Control is a product to identify risks, minimize risks and automate workflows.
SAP Cloud Identity solutions enable authentication (IAS), single sign-on (SSO) and provisioning (IPS) against SAP cloud systems. SAP Cloud Identity Access Governance (IAG) provides the ability to manage workflows, risk checks and emergency access. Especially in a hybrid system landscape and in the communication between on-premise and cloud systems, the products ensure complete integration.
SAP Identity Management focuses on the traceable management and consistent distribution of digital identities throughout their lifecycle – assignment, repeated adjustments, deletion. The SAP IdM solution makes it possible to flexibly map individual workflows so that required user accounts, roles, and authorizations can be assigned in a rule-based and automated manner.
Single sign-on enables end-to-end authentication against SAP and non-SAP applications. Central management of access data increases security, as only one user ID is required for all applications. This means that passwords can be made truly secure without restricting user convenience too much. Constantly changing passwords for each application is a thing of the past, and password resets are minimized. You also avoid duplicate administration efforts in your IT and free up valuable resources.
With SAP Access Control, you manage legally compliant access to all SAP applications in your IT landscape. This includes, among other things, a cyclical and demand-driven check for risks in SAP authorizations, the management of business roles, and the use of processes to map the entire user lifecycle in compliance with SoD rules.
Risk analysis in SAP Access Control uncovers risks inherent in the user role set. Risks arising from future role assignment can also be simulated.
Conflicts of segregation of duties and other risks can already be identified and minimized or even prevented during the assignment processes. The risks of the requested roles are displayed directly to the approver, or even simulated with the roles already assigned. This prevents risks from arising in the first place. Security is also proactively increased in interaction with SAP Identity Management.
Unexpected disruptions in operation are resolved in a business process-oriented and traceable manner through the use of specialized emergency users. The use of SAP_ALL is thus explicitly avoided.
Emergency users (firefighters), who have extended authorizations, can be used for troubleshooting. A workflow guarantees the logging of the session and the subsequent approval by a responsible person. The emergency user concept is thus mapped in a fully comprehensive and compliance-conforming manner.
Access Risk Analysis (ARA) provides ad hoc audits and cyclic audits of users and roles to identify and eliminate segregation of duties conflicts.
Access Request Management (ARM) can be used to request users and authorizations. In combination with risk analysis, the requests are proactively checked for risks.
Business Role Management (BRM) allows efficient and risk-checked administration of business roles. General authorizations can thus be assigned automatically and without risk.
Real emergency situations are managed and logged with Emergency Access Management (EAM). In this way, downtimes in business processes can be minimized and resolved in a traceable manner.
SAP Identity Management and SAP Access Control focus on the traceable management and consistent distribution of digital identities throughout their lifecycle – assignment, repeated adjustments, deletion. The interaction of the two solutions enables you to flexibly map your individual workflows so that required user accounts, roles and authorizations can be assigned in a rule-based and automated manner. All changes to authorizations and user data are logged in a traceable manner. In this way, SAP Identity Management and SAP Access Control make an important contribution when it comes to adhering to legal and internal compliance regulations.
You would like to newly implement SAP Access Control, SAP Cloud Identity Access Governance or SAP Identity Management (IdM) or extend your existing system? With our Power Workshop for SAP Access Governance, you benefit from de facto standards that we adapt step by step to your individual requirements. As a result, you will receive a recommended action with a suitable project plan for introducing the access governance product that is optimal for you.
Simply complete the form and submit it. We look forward to receiving your inquiry.
SAP Identity Management focuses on the traceable management and consistent distribution of digital identities throughout their lifecycle – assignment, repeated adjustments, deletion.
SAP Cloud Identity solutions enable authentication (IAS), single sign-on (SSO) and provisioning (IPS) against SAP cloud systems. Especially in hybrid system landscapes, they ensure complete integration.
SAP Single Sign-On enables end-to-end authentication against SAP and non-SAP applications. Central management of access data increases security, as only one user ID is required for all applications.