Companies find themselves challenged again and again by the immense effort required to keep employee SAP authorizations up to date during day to day business. Our new SAST SUITE module, Self-Adjusting Authorizations, takes an intelligent approach to solving the most frequent problems: It removes unused transactions automatically, increasing both compliance security and protection against data misuse, in turn reducing administrative effort.
Self-Adjusting Authorizations: the special backstory to the new module
The idea crystallized over the course of the last year. Acting on a suggestion made by the VW Group’s Group auditors and drawing inspiration from the automotive supplier, RENK AG, the SAST team began development on a prototype. Demand for such a thing is high: “It’s not uncommon to see users with anywhere from 200 to 500 SAP authorizations. And that’s a lot when you consider that only about 25 percent are actually in use,” explains Bodo Kahl, Managing Director of SAST SOLUTIONS.
The finished version of the Self-Adjusting Authorization module of SAST SUITE will launch for all SAP users in winter of 2018/19. Companies will then have the opportunity to reap the benefits of permanently leaner SAP authorizations. At small and medium-sized companies, where specialist personnel with expertise in security and compliance are most often lacking, the tool slims down processes. Larger companies finally have a way to always keep their many authorizations up to date. No other GRC software currently on the market can make the same claim.
Relieving burdens on IT departments and minimizing risks
To date, constant optimization of user authorizations has remained a time-intensive process from an IT perspective. Often, it means designating multiple employees to handle it, especially during an audit. It was this underlying issue that RENK AG needed to handle. Currently, a pilot project with the tool is underway there. Frank Schröder, CIO of RENK AG reports, “Just a few weeks was enough to massively relieve pressure on our IT department. In addition, streamlined authorizations have reduced the risk of internal data misuse and allowed us to use concrete work profiles to improve our workflow in SAP.”
There are a number of advantages to using the Self-Adjusting Authorizations module: Companies obtain a clear overview of the scope of how employees have used the roles to date and can then optimize assignments. Cleaned-up authorizations also mean less administrative effort and lower security risks, for example by reducing SoD conflicts. Last but not least, optimizing user authorizations also has the potential to save money on SAP licenses. This “cleaned” slate means IT decision makers take a more relaxed approach future internal and external audits.