Close
X

Exercitation ullamco laboris nis aliquip sed conseqrure dolorn repreh deris ptate velit ecepteur duis.

Get in touch

    Audit of SAP Access Management

    Client Profile

    Location: Singapore

    Industry: Automotive

    The client is a publicly-listed company which operates worldwide, with their headquarter in Germany.

    • A global SAP system across two SAP clients was implemented 15+ years ago and was being rolled out in stages. At the time of the project, it was in use in 17 countries.
    • A single-process template was used for all implementing all SAP functional modules.
    • GRC Access Control was implemented and rolled out in all countries.
    • An internal friendly audit had identified a number of high-level issues around access and security.
    • The client wanted the help of an independent subject matter expert to verify and understand the issues.

    Project Objectives

    • To carry out an unbiased assessment of the client’s current SAP access management.
    • To perform a deep-dive review on agreed areas of concern.
    • To provide the client with practical recommendations for improvements.

    Challenges and Opportunities

    • Contradicting reports and opinions about the state of SAP access management, notably on the use of Firefighter.
    • New IT Manager desired a quick, overall expert opinion on the matter.
    • A total of 190+ checkpoints were to be assessed at a high level, based on which areas of concern would be identified.
    • The client’s operations team was located remotely and therefore organised, effective communication was key.

    Why XS Control

    • The client wanted the view of a specialist, independent practice which specialised on the area of SAP access only.
    • XS Control had a strong background in SAP auditing with experience working in many countries in Europe, Middle East and Asia. This advantage was key as the client’s SAP stakeholders were located in various parts of the world.
    • XS Control had solid knowledge on global business practices which run on single SAP instances.

    Project Highlights

    • Our systematic, well-documented approach minimised disruptions to the business while keeping them informed.
    • The areas of Firefighter, access risk violations and role validations were selected for deep-diving. Through assessment of key information and statistics, our analysis uncovered new information supported by solid facts.
    • Meaningful and timely reporting helped management make appropriate decisions.

    Project Benefits

    • High-level management reporting, supported by detailed analysis.
    • Recommendations of practical follow-up activities which were rated according to priority and effort required, which helped management focus their efforts on relevant fixes.
    • Identification of new, easily-resolvable issues to immediately improve access management.

    Related Services

    Access Risk Remediation

    We help you tackle access-related issues in your SAP system and devise long-term plans to manage your system

    Find out more

    We would like to hear from you

    Send us a message and we will get in touch with you!