Extending SAP Access Controls to Align Policy with Business Process Risks

Organizations realize that business processes are dynamic and that their existing controls may not fully mitigate risks. While users need access to perform their regular duties, some activity can be problematic; think about PO changes, discounting, vendors without documentation, editing Master Data, etc. 

Context matters when controlling risk (and here’s the gap.) How many times has a user performed this transaction? Is the dollar value suspiciously high? Where is this user coming from? Is exposing this sensitive field really necessary? 

Preventing policy violations where ‘context’ is determining factor quickly becomes inadequate when you’re limited by static roles and permissions as your first line of defense. 

Attend this webinar to understand the myriad of business risks that exist in SAP ERP systems and how a data-centric strategy that includes attribute-based access controls, fine-grained security, and real-time analytics can greatly strengthen your GRC strategies.

Topics include:

• Pitfalls of relying on static roles and the myriad of business risks that still remain
• How you can reinforce existing access controls with new capabilities that tightly align context, data, and risk to ultimately determine user access
• How to streamline and centrally manage solutions designed to prevent data leakage (ex. Data Masking)
• How using real-time, fine-grained analytics can accelerate how you identify, alert, and remediate business policy violations BEFORE the violation becomes costly

Your Panelist for this Webinar is: