Some of the key factors which hold back your success with SAP GRC RAR

When you implement SAP GRC for the first time, you do not know what kind of results you are going to get. One possible result is a minimal number of risks, which basically means your roles are tightly controlled and users do not get excessive access. They just have what they need.

But usually this is not the case: most SAP customers will see a huge amount of risk within the users and roles. This is not a surprise, as these roles must have been developed long ago and nothing has been done to clean them up.

Here are the common questions you will get when you send this kind of SAP SOD Violation report to your Auditor or Process Owner.  

What does this report mean to me and how do I interpret these results?

How do I clean up these roles to make them SAP SOD Free?

What is the monetary damage done to my SAP system, and can the risk be quantified?

How are the SAP object values preventing or contributing to the risk?

How are we to go about removing the role or transaction from the users?

All these transactions are part of our regular business; how are we supposed to remove the access?

We will need to hire additional people to manage SAP roles at this granular level.

What this all means is that your SAP User Access is never going to be cleaned up. There will be constant pushback from the Process team owners to stall the cleanup process. The upper management will also not want to take a decision unless there is a serious compliance violation.  

With Process control automation tool for SAP

Such a tool can clearly show you the actual loss caused by access control violations. It shows you the actual transactions performed. This could be a good starting point for your CIO and CFO to understand the magnitude of the problem. This will in turn help you get the upper-management push to clean up the access, since it is creating a loss for the company.
