How do you choose the best single authorization role to grant a user who has just sent a request for additional authorizations? This is a complicated process for most organizations as there are thousands of roles that exist. Even if…
There’s a tricky little process with an innocent-sounding name, and it’s something that goes on in your organization far more frequently than you’d imagine. Can you guess what it is? It’s called “IT Access” (AKA “Emergency Access”) – and auditors…
If your organization has run an SAP system for three years or more, you probably suffer from what we like to refer to as “Deceiving Authorization Roles syndrome.”Whether you’re familiar with this pesky problem or not, maintaining authorization roles for…
When it comes to handling GRC conflicts, is it better to use an alerting tool or a simulation tool? They both manage conflicts, but one is predictive and the other happens after the fact. Well, there is no one solution;…
What are your organization’s top three most sensitive T-Codes; the ones that you’re really careful about granting? You’ve had to think about this before, either during an authorization-inspection project, a GRC project or when asked by an auditor. Can you…
Xpandion creates “behavior-based profiling” for business applications. Sounds impressive, huh? However, do you know what it means, exactly? Our customers often understand the benefits of our products: how they save time, increase security and lower costs. However when it comes to the hows,…
How you can maintain GRC compliance if you have users with dangerous SAP_ALL? The authorization profile, SAP_ALL has such vast amounts of authorizations inside that it is mistakenly known as “the profile that can grant everything in the SAP system”.…