SAP Authorisations & Security Review
Many of our customers have identified that their existing SAP authorisations design and associated role allocation process is not fit for purpose and that there is a large scope for improvement in this area.
In some cases, the process has not been amended since the original implementation of SAP and the evolving business structure is no longer reflected in the design of the SAP authorisations.
It is extremely important that your organisation’s processes surrounding authorisations are considered and consistently reviewed otherwise your SAP system security could be at risk.
Absoft's Approach: SAP Security & Authorisations Review
One of Absoft’s highly experienced SAP Technical Consultants can pay a short visit to your site to engage mainly with the IT team but also spending a small amount of time with each Head of Department, this is to enable the creation of a document to summarise the findings of our investigation.
The document will identify the shortcomings and risks with the existing authorisations model and processes and also any wider security processes. Absoft will also include recommendations on how to address these issues and, where appropriate, suggest where any new SAP authorisations functionality may be usefully deployed to aid system administration.
What are the benefits have our customers seen?
As a result of following the recommendations made in the review, one of Absoft’s customers has been able to transfer full responsibility for approving changes to SAP authorisation roles and allocating roles to end users, to the business. This is due to the role design being formally documented with appropriate supporting documentation being owned and maintained by the business themselves. This allows the business to make fully informed decisions when it comes to assigning access to new users, users who change position and managing change as the business structure evolves.
The overall security risk is decreased substantially as IT specialists are not always best placed to determine the appropriateness of assigning authorisations to roles and roles to end users.
If you have an out-of-date authorisations process or are worried about the security of your SAP system and would be interested in discussing this in further detail, make an enquiry below.