Sap business objects access control as a sustainable solution for authorization compliance
Slide 1: SAP World Tour Luxembourg 2010
October 26, 2010 – Kikuoka Mercure Golf Club
SAP BusinessObjects Access Control: A Solution for Sustainable Authorization Compliance
Chris Walravens, GRC Competence & Delivery Lead, Expertum
Koen Roaen, Business Development & GRC Competence Lead, Expertum
For more info: www.expertum.net

Slide 2: Agenda
1. Expertum introduction
2. GRC today
3. SAP BO GRC AC 5.3
   - Benefits
   - Stakeholder interests
   - Issues encountered & Solution approach
4. Get Clean – Stay Clean – Stay in control
   - RAR
   - CUP
   - SPM
   - RAR
5. Conclusion
6. The next release
7. Questions
© SAP 2010

Slide 3: Expertum Introduction
- SAP Service Partner
- SAP Channel Partner
- SAP Education Partner
- SAP Lounge Partner
- SAPience.be Partner
- Founded in 2006
- Team of +45 SAP Experts and Project Managers
Our Expertise:
- Project Management (PM)
- Product Lifecycle Management (PLM)
- Supply Chain Planning (SCP)
- Supply Chain Execution (SCE)
- Finance (FI)
- Knowledge Management
- Product & Service Development
- Business Intelligence (BI)
- SAP NetWeaver (NW)
- SAP Solution Manager (SolMan)
- Governance, Risk, and Compliance (GRC)
Our Mission: Exceed client expectations by providing top-quality expertise. Provide our people a safe environment for personal and professional growth.
Slide 4: GRC today
Governance, Risk and Compliance enables compliant continuous processes and analytics across the enterprise, and proactively protects information and prevents fraud through automated risk analysis and remediation.
- Access Control: manages control of access and authorization
- Sustainability Performance Management: communicates and executes the sustainability strategy; data gathering with automatic and repeatable collection from systems and people
- Process Control: automated continuous control monitoring across policies and regulatory requirements; delivers cross-system visibility and a unified repository of compliance data for efficient multi-initiative management
- Global Trade Services: automates import and export compliance, including ITAR; supports electronic customs filing and reporting; monitors and manages outbound NFe transactions; identify, manage and prioritize risk exposure across global supply chains
- Risk Management: formal integration of risk management with strategy; repeatable framework to analyze and mitigate risk; continuously monitor key risk indicators across strategic objectives
- Environment, Health, and Safety Management: comprehensive platform for Environmental, Health and Safety Management; provides support across the three pillars of Health and Safety, Product Safety and Stewardship, and Emissions Management
Slide 5: Benefits of SAP BO GRC AC 5.3
Control access
- Centralized access (and identity) management
- Out of the box rules automatically eliminate access and authorization risks
- Enforce segregation of duties across applications and departments
- Prevents improper access to assets
Automate compliance
- Automate segregation of duties and access management
- Automated audit trails and documentation
- Automated analysis

Slide 6: Benefits of SAP BO GRC AC 5.3
Real-time oversight and predictability
- Review and approval process
- Real-time detective controls and transaction monitoring
- Automated IT and Line of Business collaboration
Facilitates the road to compliance
- Obtain quick, effective, and comprehensive identification of risks
- Eliminate existing access and authorization risks

Slide 7: Benefits of SAP BO GRC AC 5.3
Continuous access management
- Avoid business obstructions with faster emergency response
- Improve productivity of end users
- Mitigate risk through continuous monitoring
Effective management oversight
- Provide capabilities for management oversight
- Facilitate internal audit
- Minimizes audit cost & time

Slide 8: Stakeholder interests
CFO
- Better visibility of access risk
- Solid proof and reliability for financial data and regulatory reporting
- Reduce risk by analyzing issues and performing necessary remediation
CIO
- Increase efficiency and collaboration with compliance embedded into business processes
- Faster resolution of issues with IT and Line of Business collaboration
Audit
- Transfer ownership of controls to business
- Minimized audit time and audit related costs
- Automated audit trails and documentation

Slide 9: Issues encountered
Compliance and Audit
- Compliance analysis is mostly a manual process
- Manage numerous diverse regulatory requirements
- Overwhelmed by ever-increasing number of global and local regulatory requirements
- Limited effectiveness with review and approval processes
Business Operations
- Lack of visibility due to technical complexity
- Lack of governance framework to ensure compliant role management
- Role proliferation and excess privileges increase audit challenge
IT Operations
- Manual, labor intensive user provisioning and access management
- Fragmented approach to access management increases the possibility for errors and inconsistency
- Complex and technical security data models prevent collaboration between IT and business
End Users
- Productivity loss due to delay in getting access
- Fragmented access management process provides incomplete access
- Access not kept synchronized with changing role, resulting in inadequate access (or potential unauthorized access)

Slide 10: Solution approach
Business Operations
- Provides for business user accountability
- Collaborative role management process
- Business friendly role definitions reflect the reality of business
Compliance and Audit
- Preventive compliance of roles through integrated risk analysis
- Streamlines job functions with consistent business roles
- Visibility of role compliance and role exceptions
- Increases confidence with built-in audit trails
IT Operations
- Reduction in administration costs
- Elimination of manual errors resulting in increased user satisfaction
- Consistent, repeatable, streamlined processes to manage users across the enterprise
- Single toolset for heterogeneous landscape resulting in lower training costs
End Users
- Quick on-boarding eliminating productivity loss
- Right access to right systems at right time
- Reduce risk of unauthorized access
Customers / Partners
- Secure and compliant access to business services across organization boundaries
Slide 11: SAP BO Access Control – Sustainable prevention of segregation of duties violations
Phase | Capability | Goal
Minimal Time To Compliance (Get Clean) | Risk Analysis and Remediation | Rapid, cost-effective and comprehensive initial clean-up
Continuous Access Management (Stay Clean) | Enterprise Role Management | Enforce SoD compliance at design time
Continuous Access Management (Stay Clean) | Compliant User Provisioning | Prevent SoD violations at run time
Continuous Access Management (Stay Clean) | Superuser Privilege Management | Close #1 audit issue with temporary emergency access
Effective Management Oversight and Audit (Stay in Control) | Periodic Access Review and Audit | Focus on remaining challenges during recurring audits

Slide 12: SAP BO Access Control – Minimal time to compliance
Get Clean: Risk Analysis and Remediation

Slide 13: SAP BO Access Control – Sustainable prevention of segregation of duties violations
Minimal Time To Compliance (Get Clean): Risk Analysis and Remediation – rapid, cost-effective and comprehensive initial clean-up

Slide 14: Get Clean – RAR demo

Slide 15: Get clean (RAR)
Cross-enterprise view on SOD violations
- Allows an effective road towards compliance
- Allows reviews per system, user group, organizational level or role
- Translates a technical subject (authorizations, rule sets, etc.) into business language
- Remediation actions can be:
  - authorization removal
  - mitigating control assignment
Side notes
- Authorization concept architecture impacts ease of remediation
- Mitigating controls need to be in place and inventoried
- The default rule set needs to be made company specific (false positives)

Slide 16: SAP BO Access Control – Continuous Access Management
Stay Clean: Compliant User Provisioning, Superuser Privilege Management, Enterprise Role Management
Get Clean: Risk Analysis and Remediation

Slide 17: SAP BO Access Control – Sustainable prevention of segregation of duties violations
Phase | Capability | Goal
Minimal Time To Compliance (Get Clean) | Risk Analysis and Remediation | Rapid, cost-effective and comprehensive initial clean-up
Continuous Access Management (Stay Clean) | Enterprise Role Management | Enforce SoD compliance at design time
Continuous Access Management (Stay Clean) | Compliant User Provisioning | Prevent SoD violations at run time

Slide 18: Stay Clean – CUP demo
Slide 19: Stay clean (CUP)
Request procedure is very structured
- Only a choice from existing business roles
- Forces requesters to work within the existing roles
- Sustainability of implemented roles
Approval procedure automated
- Automated workflow (efficiency)
- Preventive SOD checks (before approval)
- Automated user provisioning
- Sustainability of compliance of role assignments
Side note
- Role / authorization owners are needed
Slide 20: SAP BO Access Control – Sustainable prevention of segregation of duties violations
Phase | Capability | Goal
Minimal Time To Compliance (Get Clean) | Risk Analysis and Remediation | Rapid, cost-effective and comprehensive initial clean-up
Continuous Access Management (Stay Clean) | Enterprise Role Management | Enforce SoD compliance at design time
Continuous Access Management (Stay Clean) | Compliant User Provisioning | Prevent SoD violations at run time
Continuous Access Management (Stay Clean) | Superuser Privilege Management | Close #1 audit issue with temporary emergency access

Slide 21: Stay Clean – SPM demo

Slide 22: Stay clean (SPM)
Firefighter roles
- Classical firefighter activities (the truck is waiting and the issue needs to be solved)
- Critical system access (debugging)
- Support roles for IT people needing to perform business functionality on occasion
- Sustainability of regular access rights
- Sustainability of audit trail for activities out of the regular

Slide 23: SAP BO Access Control – Effective Management Oversight and Audit
Stay in Control: Management Oversight, Internal Audit
Stay Clean: Compliant User Provisioning, Superuser Privilege Management, Enterprise Role Management
Get Clean: Risk Analysis and Remediation

Slide 24: SAP BO Access Control – Sustainable prevention of segregation of duties violations
Phase | Capability | Goal
Minimal Time To Compliance (Get Clean) | Risk Analysis and Remediation | Rapid, cost-effective and comprehensive initial clean-up
Continuous Access Management (Stay Clean) | Enterprise Role Management | Enforce SoD compliance at design time
Continuous Access Management (Stay Clean) | Compliant User Provisioning | Prevent SoD violations at run time
Continuous Access Management (Stay Clean) | Superuser Privilege Management | Close #1 audit issue with temporary emergency access
Effective Management Oversight and Audit (Stay in Control) | Periodic Access Review and Audit | Focus on remaining challenges during recurring audits

Slide 25: Stay in Control – RAR demo

Slide 26: Stay in Control (RAR)
What-if analysis
- Check compliance before violations occur
- Sustainability of compliance of role assignments
Reaffirmation
- Reaffirm role assignments on a regular basis
- Sustainability of compliance of role assignments
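The RAR and CUP mechanics of slides 15, 19 and 26 (a rule set of conflicting business functions, remediation by authorization removal or mitigating control assignment, and a preventive what-if check before approval) as an added Python example; this is not code from the presentation or from SAP's product, and the rule ids, role names and business functions are constructed.

```python
from itertools import combinations

# Constructed SoD rule set: risk id -> pair of conflicting business functions.
# Ids, functions and roles are invented for this example, not SAP's delivered rules.
SOD_RULES = {
    "P001": ("CREATE_VENDOR", "PAY_VENDOR"),
    "F002": ("POST_JOURNAL", "APPROVE_JOURNAL"),
}
# Constructed role catalogue: role -> business functions its authorizations grant.
ROLE_FUNCTIONS = {
    "Z_AP_CLERK": {"CREATE_VENDOR"},
    "Z_AP_PAYMENTS": {"PAY_VENDOR"},
    "Z_GL_ACCOUNTANT": {"POST_JOURNAL", "APPROVE_JOURNAL"},  # conflict inside one role
    "Z_DISPLAY_ONLY": set(),
}

def analyze(roles, mitigations=frozenset()):
    """Get Clean: user-level risk analysis over a set of assigned roles.
    Returns {risk_id: "violation" | "mitigated"}; a risk is mitigated once a
    mitigating control is assigned for it (the second remediation option)."""
    funcs = set().union(*(ROLE_FUNCTIONS[r] for r in roles))
    return {rid: ("mitigated" if rid in mitigations else "violation")
            for rid, (a, b) in SOD_RULES.items() if a in funcs and b in funcs}

def what_if(current_roles, requested_role, mitigations=frozenset()):
    """Stay Clean / Stay in Control: preventive check before approval.
    Simulates the assignment and returns only the unmitigated risks the
    request would newly introduce, so the approver sees the delta."""
    def open_risks(roles):
        return {r for r, s in analyze(roles, mitigations).items() if s == "violation"}
    return sorted(open_risks(set(current_roles) | {requested_role}) - open_risks(current_roles))

def removal_options(roles, risk_id):
    """Get Clean: smallest role sets whose removal clears risk_id (the first remediation
    option, authorization removal). A conflict built into a single role can only be cleared
    by dropping that role, which is why the authorization concept drives remediation effort."""
    roles = set(roles)
    if risk_id not in analyze(roles):
        return []  # nothing to remediate
    for k in range(1, len(roles) + 1):
        hits = [set(c) for c in combinations(sorted(roles), k)
                if risk_id not in analyze(roles - set(c))]
        if hits:
            return hits
    return []

if __name__ == "__main__":
    print(analyze({"Z_AP_CLERK", "Z_AP_PAYMENTS"}))   # {'P001': 'violation'}
    print(what_if({"Z_AP_CLERK"}, "Z_AP_PAYMENTS"))    # ['P001']
```

The deck's third point, that the delivered rule set must be made company specific, maps here to editing SOD_RULES: a rule that yields only false positives in a given landscape is removed or replaced before the clean-up numbers are reported.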
Slide 27: SAP BO Access Control – Sustainable prevention of segregation of duties violations
Phase | Capability | Goal
Minimal Time To Compliance (Get Clean) | Risk Analysis and Remediation | Rapid, cost-effective and comprehensive initial clean-up
Continuous Access Management (Stay Clean) | Enterprise Role Management | Enforce SoD compliance at design time
Continuous Access Management (Stay Clean) | Compliant User Provisioning | Prevent SoD violations at run time
Continuous Access Management (Stay Clean) | Superuser Privilege Management | Close #1 audit issue with temporary emergency access
Effective Management Oversight and Audit (Stay in Control) | Periodic Access Review and Audit | Focus on remaining challenges during recurring audits
Underpinning all phases:
- Risk analysis, remediation and prevention services
- Cross-enterprise library of best practice segregation of duties rules

Slide 28: Conclusion
SAP BO GRC Access Control ensures sustainability of
- Implemented roles, through a very structured request procedure
- Compliance of role assignments (regular access), through:
  - Automated approval procedure with preventive rule set check
  - What-if analysis
  - Reaffirmation procedure
- Audit trails (access out of the regular)

Slide 29: SAP BO GRC AC: The next release
GRC2010 Barcelona
- Release 10.0 of AC, PC & RM will be presented
- One common technology platform (ABAP based)
- More integration between the three applications
  - Mitigating controls in AC & PC
  - Risks in PC & RM
- Functionality improvements

Slide 30: Questions?

Slide 31: For more info: www.expertum.net
Thank you!