• Post author:

5 Major Mistakes That a GRC Professional Should Never Make

If you’re in the GRC field and you’re asked to join a GRC project as a professional consultant, a team leader or a project manager – avoid these 5 major mistakes. If you don’t identify these situations beforehand, you might…

Continue Reading 5 Major Mistakes That a GRC Professional Should Never Make
  • Post author:

Which SAP Authorizations Should He Have?

Many small and medium sized companies struggle with this challenge. Let’s say they have a sales representative who’s located in another country. Which authorizations should he get? Should he have access to the SAP system at all? If so, should…

Continue Reading Which SAP Authorizations Should He Have?
  • Post author:

The Three Top Authorization Objects: What Are They?

Even though Authorization Objects are the most basic components in the SAP authorization world, they make SAP much more secure. Many organizations argue that you should use Authorization Objects like you spice food: If spices are used properly, there’s total…

Continue Reading The Three Top Authorization Objects: What Are They?
  • Post author:

Granting SAP_ALL to Everybody – Crazy or Not?

True Story A customer from a large enterprise came to us and said, “Our company has an ‘open policy.’ We trust our employees, so we grant all of them SAP_ALL. We know that SAP_ALL includes all authorizations in the system…

Continue Reading Granting SAP_ALL to Everybody – Crazy or Not?

The Three Most Sensitive T-Codes Ever: What Are They?

What are your organization’s top three most sensitive T-Codes; the ones that you’re really careful about granting? You’ve had to think about this before, either during an authorization-inspection project, a GRC project or when asked by an auditor. Can you…

Continue Reading The Three Most Sensitive T-Codes Ever: What Are They?
  • Post author:

5 Astonishing Truths about GRC in SAP Environments

Here are 5 amazing facts based on our vast experience with SAP customers required to maintain SOX compliance, GRC consultants and auditing firms. 1. The focus is on compensating controls much more than on eliminating risk. …and it should be…

Continue Reading 5 Astonishing Truths about GRC in SAP Environments
  • Post author:

The Curse of the Unused: Z_UNUSED_TCODE and Y_UNUSED_ROLE

In 1914, American judge Louis Brandeis coined the famous quote “Sunlight is said to be the best of disinfectants,” and it has proven to be most accurate in 2014 too. Many of our current and potential clients fear what may…

Continue Reading The Curse of the Unused: Z_UNUSED_TCODE and Y_UNUSED_ROLE

Do You Understand the Meaning of Behavior-Based Profiling?

Xpandion creates “behavior-based profiling” for business applications. Sounds impressive, huh? However, do you know what it means, exactly? Our customers often understand the benefits of our products: how they save time, increase security and lower costs. However when it comes to the hows,…

Continue Reading Do You Understand the Meaning of Behavior-Based Profiling?
Page 2 of 3
1 2 3