Product Information
GRC Tuesdays: What really is SAP Governance, Risk, and Compliance (GRC)? – Focus on the Identity and Access Governance pillar
This third blog on the “What is really SAP Governance, Risk, and Compliance (GRC)?” series will focus on the identity and access governance aspects of the portfolio.
Optimizing digital identities across the enterprise
In most cases, supporting the increasing number and complexity of enterprise applications, but also the different types of authorization models, is mostly done by applying manual administrative processes.
This often leads to a lack of visibility into user authorizations and access risks but also an inability to prevent access risk violations.
To be able to effectively manage this process, companies need consistent user and access management across all applications – including in growing hybrid landscapes, with strict compliance needs in segregation of duties for business-critical and financial applications.
This is precisely why the SAP solutions for Identity and Access Governance have been designed: to provide the key capabilities to manage system accounts and help ensure the correct authorization assignments.
SAP Access Control – Detect and remediate access risk violations
|
Features and functionalities: * Analyze risk to find and remediate segregation of duties and critical access violations * Provision users to automate access administration for enterprise applications * Maintain roles in business terms * Certify authorizations to ensure that access assignments are still warranted * Monitor privileges including emergency access and transaction usage |
 |
SAP Cloud Identity Access Governance – Simplify access management in complex Cloud and OnPremise environments
 |
Features and functionalities: * Access analysis to refine user assignments and manage controls * Role design to optimize role definition and streamline governance * Access request to optimize access, workflows but also policy-based assignment * Access certification by reviewing access, roles, risks, and mitigating controls * Privileged access management to achieve account-based access, log consolidation, and review with automated log assessment |
SAP Identity Management – Cover the entire identity lifecycle, business-driven and compliant
|
Features and functionalities: * Hiring to enable new employees to log on to all relevant systems, including access to employee self-services * Substitution to answer the question of who has adequate permissions to fill-in for a co-worker * Promotion & new position to automatically adjust permissions if someone is promoted to a new position * Resignation & termination to make sure that all accesses are removed for the particular employee immediately if they leave the company |
 |
SAP Single Sign-On – Secure authentication, single sign-on and more
 |
Features and functionalities: * Productivity to enable end-users to focus on business tasks instead of manual authentication * Secure authentication to reduce exposure to cyber-attacks by mitigating the risks of insecure passwords * Simplicity to quickly implement a foundation for secure access and extend it over time * Landscape security to enable secure communication with certificate lifecycle management and encryption |
SAP Dynamic Authorization Management by NextLabs – Enhance security for data and business applications
|
Features and functionalities: * Automate controls with single policy platform to centralize and automate data and application security * Secure access for consistent and on-the-fly access enforcement with dynamic authorization * Prevent violations to minimize fraud but also prevent compliance and security violations * Gain insight to monitor data and application activity |
 |
SAP Access Violation Management by Pathlock (formerly known as Greenlight) – Manage and control access risk and assess its financial impact
 |
Features and functionalities: * Extend the capabilities of SAP Access Control across enterprise systems * Notify business owners when segregation of duties violations are executed * Monitor to correlate business transactions to users to identify materialized segregation of duties violations * Report for a summary of the financial exposure due to segregation of duties violations |
I hope this helps in introducing the Identity and Access Governance offering from SAP’s Governance, Risk, and Compliance portfolio.
As a reminder, you can find all the other blogs in this series listed below:
- GRC Tuesdays – What really is SAP Governance, Risk, and Compliance (GRC)? (released on 06/04/2021)
- GRC Tuesdays – What really is SAP Governance, Risk, and Compliance (GRC)? – Focus on the Enterprise Risk and Compliance pillar (released on 20/04/2021)
- GRC Tuesdays – What really is SAP Governance, Risk, and Compliance (GRC)? – Focus on the Cybersecurity, Data Protection, and Privacy pillar (released on 18/05/2021)
- GRC Tuesdays – What really is SAP Governance, Risk, and Compliance (GRC)? – Focus on the International Trade Management pillar (released on 01/06/2021)
I look forward to reading your thoughts and comments either on this blog or on Twitter @TFrenehard
I'm searching for information about the future of Identity and Access Governance in particular Access Controll for the ondemand solution. In the Availabliity Matrix everything ends on the 31.12.2025.
Are there any plans already published?
Hello Claudia,
First of all, thank you for your comment.
Concerning the future of SAP solutions, including SAP Access Control or SAP Cloud Identity Access Governance, please see the SAP Road Map Explorer tool available at the following location: SAP Product Road Maps
This tool is regularly updated as soon as public information is released.
Kind regards,
Thomas