


Loading in 2 Seconds...
Loading in 2 Seconds...
Complex ERP systems are potentially susceptible to segregation of duties (SoD) issues. By means of Profiling for SAP
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Optimize
Control
Understand, Optimize and Control your Business and IT
Profiling for SAP supporting Security Compliance for SAP®
1
Access Management and Segregation of Duties
2
Optimization of Authorizations
3
Project Support for SAP Blueprints
4
Profiling for SAP® Application
Page 2
“Profiling your SAP® Solution delivers our Clients all needed insights to understand, optimize and control their Business and complex SAP® Landscapes.”
Heinz-Jürgen Scherer, CEO TransWare AG
Understand
Optimize
Control
Page 3
The solution reveals the quality of the implementation by analyzing transaction logs, document types, user authorizations with roles and profiles, SAP® HR info types, SAP® customizing and object modifications and other configuration items.
It shows the overall picture of customizing and utilization of the current SAP® system with business related KPIs.
Complex ERP systems are potentially susceptible to segregation of duties (SoD) issues. By means of Profiling for SAP®, the desired responsibilities of SAP® users can be counterchecked against the real usage of SAP®. Reporting of the results can be done per job role, so you know what each role entails in terms of process activities, SAP® business blueprint process steps, SAP® roles and transactions.
Profiling for SAP® featuring SAP Compliance ManagementTechnical, Functional and Processual Analysis and Optimization of SAP
Page 4
As-Is Landscape
To-Be Transition
Optimize Landscape
Run SAP
Process IT Support
ASAPProject Methodology
Run SAP
Process IT Support
BusinessReengineering
Understand
Process
Management
Optimize
ComplianceManagement
Control
Access Control and Segregation of Duty
TechnicalAnalysis
Processual
Analysis
FunctionalAnalysis
Profiling for SAP® Compliance Management
Profiling for SAP® Compliance Management is based on the technical, functional and processual analysis tool components.
Page 5
Page 7
Are there any SoD violations?
Who has access to sensitive transactions?
“Internal Controls are processes designed by management to provide reasonable assurance that the Institute will achieve its objectives.” (From MIT’s Guidelines For Financial Review and Control)
Page 8
A Software Solution for SAP Project and Compliance Process Support
Page 9
A solution for compliance management based on standard software
Profiling is a configurable custom application with integration into SAP that ensures all user’s authorizations are compliant with the company’s compliance rules
Page 10
Risk RulesSet
SoD
Rule
Critical
Actions
and
Function
Function
Function
Transaction
Transaction
Transaction
Author.-
Object
Author.-
Object
Author.-
Object
Page 11
DefineFunctions
Assign Transactions
Define Conflicts and Risks
Page 12
Page 14
X=Financial Risk Exists, M = Medium Risk, H = High Risk
Page 16
Page 18
Page 20
Assigned Role not relevant for execution
of the custom “Y” YXPROC transaction
Example Report:
Page 21
Page 22
SAP® Solution Manager (SSM) is the SAP® tool that supports the plan, build and run aspects of ERP solutions based on SAP® NetWeaver and covers all needs for ITIL-compliant application lifecycle management (ALM).
SAP® describes ALM by the Run SAP® operational support methodology and the Accelerate SAP® (ASAP) project methodology. SSM serves as an interface between technology and business processes.
For SAP solution development like upgrades or implementations, the SAP solution is consistently documented in SSM by the Blueprint that describes the business processes and the resulting system configuration.
An important part of the SAP solution development is the configuration of organizational structures and optimized business and security compliance requirements.
Profiling for SAP® supports this aspect of SAP ALM to lower development and maintenance costs and improve process and compliance quality
Page 24
Support ASAP methodology and SAP Solution Manager Projects
Define Blueprint
Analyze AccessRequirements
Define Roles and User Access
Page 25
Optimized user authorizations from project start-up
SAP Blueprint with Masterdata, Org.-Unit Data, Scenarios, Processes, Process-Steps, Transactions and Documentation
Assign End-User-Roles to Process-Steps, Master-Data or Organizational-Unit Data
Process-Steps with Assigned Transactions
Page 26
Export the Blueprint structure for analytic reporting
Cross-Reference between Objects
(T-Code, Forms, Reports etc) and End-User-Roles
SAP Blueprint Structure (SAP Project)
Assigned User, Jobs, Org.-Units
Page 27
Page 28
Page 29
1. Extract
2. Define
3. Analyze
Reports
Dashboards
BI DB
Profiler
Analyzer
Predefined set of Risk Rules
Page 30
Page 31
TransWare Software Solutions AG
Fritz-Wunderlich-Str. 49
66869 Kusel
Germany
Phone: +49-(0)6381-916-0
Email: info@transware.de
Web: www.transware.de
All product, service and company names mentioned herein are for identification purposes only and may be trademarks or registered trademarks of their respective owners
Page 32