Difference between Access Control and Process Control in SAP

SAP ECC system is complex and the first step will be to have a Risk management process to address your SAP Audit Compliance. This could be an Access Control or Process Control Solution. Both solutions can give you some level of risk management solution which helps the internal auditor. But there is a huge difference in their results and value it can provide.

Access Controls: Provides information on the Transaction assigned

Access Control can provide you with the access violations with the access of a SAP user or SAP role. Here you purely look at the transaction access. This can give you valuable insight into the Potential risk in your SAP ECC System. But it does mean the risk actually happened. With New SPA GRC Version you can even look at the number of times the risk was executed. But this is a false sense of hope given to the auditors, as it does not provide the changes or risk which really happened.

Process Control: Risk with Dollar value assigned

With process control, you can really see the actual risk which has happened in the system and potential loss it could have for your company. In this case, the auditor can really see exact transaction changes which have happened in the vendor master or customer master or invoice payment. This way he or she is not really not relying on Just execution but also on the transactions which have posted in the system and the potential loss which could happen if the changes are nor investigated. The process control tool for SAP Properly configured can give you the exceptions only based on rules you have defined.

The example in finance could be Maintaining the account and posting it. In the Access Control Scenario, you can only see that the combined transactions were executed.

Key Benefits of the Process Control Solution

  • Real-time audit checks for business processes
  • Flags transactions out of the normal
  • Immediate ROI: detection of errors, fraud, inefficiencies => avoid losses
  • Root cause analysis on problematic transactions identify issues caused by weak processes, outside organizations etc.
  • Workflows: reduce overhead in detection, investigation, documentation
  • Improve internal control system, compliance; ease audits (evidence controls, follow-up

Free Step by Step SAP License Optimization Guide

SAP Customer is liable to pay 70 Million additional SAP licensing fees as a result of what is broadly known as Indirect Access.

Free SAP GRC 10.0 Step by Step Guide

Are you fed up with being not able to get job? Tired of being disappointed in yourself, because you just can’t seem to get started in the career as SAP  GRC Consultant?

Financial Loss due to Fraud Risk

Using the right kind of SAP Controls in the right way can be trans formative for any SAP System

Leave a Reply

Contact Person WhatsApp us