You might know this scenario - the number of real and perceived IT threats is growing rapidly in companies. This danger also affects Access & Authorizations in SAP GRC. These risks are not only caused by people acting not compliantly, but often caused by negligence or the wrong behavior of your own employees. Both are usually based on authorizations that are too far-reaching – which is not surprising with approximately 150,000 SAP transaction codes.
The abundance of transaction codes gives rise to uncertainties, which in the past were optimally compensated by manual work in the area of SAP GRC authorizations. Although manual handling of requirements with SAP on-board resources is possible in principle, massive human resources are required for this. This inevitably leads to an increase in effort and process costs, as well as the risks associated with inadequate authorization assignment.
In this white paper we have compiled the most important aspects of SAP GRC authorization management for you, so you don’t fall into the 'authorization trap'.