BLOG

Advice from our experts 

How to Eliminate “Deceiving” Authorization Roles

If your organization has run an SAP system for three years or more, you probably suffer from what we like to refer to as “Deceiving Authorization Roles syndrome.” Whether you’re familiar with this pesky problem or not, maintaining authorization roles for a few years, adding and removing activities and authorization

Read More »

3 Easy Ways to Prepare for the Event of Employee Leave

“Leaving us so soon, Mr. Solo?” This famous quote might sound good in the movies, but in a business environment, the event of an employee leaving your company can cause some serious security issues if not treated properly. Let’s talk about why and what you can do to prevent these

Read More »

5 Major Mistakes That a GRC Professional Should Never Make

If you’re in the GRC field and you’re asked to join a GRC project as a professional consultant, a team leader or a project manager – avoid these 5 major mistakes. If you don’t identify these situations beforehand, you might be put in an uncomfortable position that could hurt your

Read More »

Which SAP Authorizations Should He Have?

Many small and medium sized companies struggle with this challenge. Let’s say they have a sales representative who’s located in another country. Which authorizations should he get? Should he have access to the SAP system at all? If so, should he be allowed to only see SAP reports (“view only”)

Read More »

GRC Compliance: Better to Play Defense or Offense?

When it comes to handling GRC conflicts, is it better to use an alerting tool or a simulation tool? They both manage conflicts, but one is predictive and the other happens after the fact. Well, there is no one solution; the key is to use them in combination to promise

Read More »

What’s the best way to become a GRC expert in SAP?

It’s hard to start a career in any field, particularly the highly specialized field of GRC in SAP. The good news is that you know this is a direction you’d like to take. The question is how. I recently read this article by Andy Greig from SAP. Basically, the article

Read More »

The Three Top Authorization Objects: What Are They?

Even though Authorization Objects are the most basic components in the SAP authorization world, they make SAP much more secure. Many organizations argue that you should use Authorization Objects like you spice food: If spices are used properly, there’s total harmony and you can’t live without them. But if they

Read More »

Granting SAP_ALL to Everybody – Crazy or Not?

True Story A customer from a large enterprise came to us and said, “Our company has an ‘open policy.’ We trust our employees, so we grant all of them SAP_ALL. We know that SAP_ALL includes all authorizations in the system but everything’s working fine and our authorizations are very easy

Read More »

3 Expert Recommendations for Controlling Indirect Use in SAP Licensing

Xpandion’s CEO, Moshe Panzer, a recognized professional advisor for SAP Licensing, has some excellent advice about a topic that’s been disturbing a lot of SAP customers recently – indirect access. I hope you’ll find this information beneficial for your organization. Question: What is indirect access in terms of SAP licensing

Read More »
Close Menu

This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you, in order to personalize your experience. To find out more about the cookies we use, see our Privacy Policy.