Skip to Content
Author's profile photo Former Member

My Top Picks for Security and GRC content at #SAPTechEd

It was not so long ago that some SAP Security professionals would confide to me that they thought SAP TechEd was not worth their time and money. Forget all that, this is a new year.  I hope you have taken a peek at the session agenda for this year’s Security track, as this year’s education program is surely the most robust yet.  In fact, there is such a wealth of sessions, including 45 networking sessions – yes, you read that right, 45!!- that I urge everyone interested in security and/or GRC content to give your week some serious thought. Here are some suggestions for your consideration:

  1. GRC sessions – Last year there was no content on GRC at TechEd beyond a networking session or two. This year, there are nine lecture sessions in the Governance, Risk, and Compliance sub-track, and five networking sessions flagged as GRC-related.  My top pick is SIS107, Florida Crystals Corporation’s Experience with SAP GRC 10.0. Customer case studies offer the unvarnished good, bad, and – well, other, so I hope to see a great crowd there. SIS104 on Read Access Logging (RAL) should also be very informative. I really was hoping that there would be at least one hands-on session on GRC this year, but it didn’t happen. Ah, well, maybe next year. Let’s have great attendance at the GRC sessions this year and show the program planners that we really do want more of this content.
  2. SAP Identity Management – If this solution is deployed at your organization, or if you are considering an implementation, you are in luck, as there is a great variety of lectures, product roadmap, and hands-on sessions. The roadmap session SIS890 with  Kristian Lehment is bound to be very informative, and he follows up with a networking session as well for more Q&A time, EXP11182.
  3. Single sign-on (SSO) and the cloud – All the latest hot topics in identity management, including SAML 2.0, identity federation, and SAP ID Service will be covered in both lectures and hands on sessions.  I must admit that the Expert Networking sessions SSO Stump the Geeks EXP10243 and EXP10245 sound like great fun whether you are an SSO expert or not.
  4. Security and secure development – This sub-tract has a great variety of sessions. I am very much looking forward to the hands-on sessions in this track, SIS260 on RFC security  with Christian Wippermann  and Bjoern Brencher, and SIS261 on ABAP code scan with Thorsten Marcus Dunz and Christian Wippermann.
  5. ASUG Customer and ASUG Influence – This year we are fortunate to have a strong program of ASUG content across a wide variety of security topics. If you run into Tammy Powlas and Kristen Dennis, be sure to say thanks for all their hard work.  I recommend all of these sessions for hearing from and engaging with customers:


Florida Crystals Corporation’s Experience with SAP GRC 10.0


Mitigating Risk by Implementing Best Practices with SAP NetWeaver ID Management


Secure and Compliant Through Outsourcing, Consolidation, and Globalization


ASUG Security Influence Council – Customers and SAP Working Together


SAP BusinessObjects Implementation for EMEA with EPC Compliance


Use Cases for Authentication and SSO Options Analysis for Mobile, Cloud, Etc.

Please note that the ASUG sessions are each offered only once, and some of the session times have changed, so be sure to check the Agenda builder. SIS208 has changed times twice; the new start time is 3:15 PM, on Tuesday. If you have ever wished for the opportunity to change something about how an SAP solution worked, ASUG Influence needs you and your ideas. I hope to see a lot of you at that session, as well as at my Expert Networking sessions EXP9946 and EXP9947. See you there soon!

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.