We can help you start over from scratch in authorization management or redesign your established concepts for optimal clarity – prior to your migration to S/4HANA, for example.

Our project models allow for a high degree of flexibility and they are tailored to your particular requirements.

In all of our authorization projects, we use modules of our proven SAST SUITE and can optimize automation to shorten project runtime by up to 70 %. Your project budget will thank us!

Meanwhile, is your next audit right around the corner? Once we show you your priority-one findings, you'll be able to relax as the big day approaches.

Pilot Studies

Our pilot studies provide you with a list of the current weaknesses in your existing authorization concept. Our proprietary tool SAST SUITE is ideal for this.

We then explain what actions you should take and create a project phase plan with detailed cost estimates, all tailored to you.

In this way, every authorization project is destined to be a complete success.

Authorization Concepts

The constant expansion of the number of users and authorizations means it is increasingly difficult to make the correct assignments. Over time, role content has changed, and the wide variety of transactions and authorization objects has only become more sophisticated. Often, it is no longer possible to easily keep track of it all.

As if that weren't enough, compliance guidelines are becoming more and more strict:

  • Critical authorizations
  • Segregation of Duties (SoD)
  • Traceable, system-supported authorization assignments

Our concepts give you the opportunity to try new ways of doing things and to introduce simple authorization assignments from start to finish. This helps to keep your administrative expenses down as well as to comply with current and future legal requirements. Our motto is "as much as possible with as little as possible".

Once the concept phase is complete, we won't leave you on your own. We will be more than happy to help you implement your new authorization management. And the best part? Our Safe Go-Live approach means you won't see any disruptions in your everyday business.

Cleansing and Implementation of Roles and Authorizations
SAST Safe Go-Live Management: Carry out faster, smoother authorization projects.

For many companies, the next step after an audit or the annual audit acceptance is often to redesign their authorization management. Frequently, such an audit identifies authorization objects that are much too comprehensive. Typically, decision-makers are unaware of how critical this is – or it is an intentional decision made to avoid supposed disruption to daily operations.

Our customers' requirements regarding quality, the time involved, and of course, their project budget often differ greatly when it comes to planning this kind of project. No matter your priorities in authorization projects, we offer solutions designed to meet every requirement to the letter.

All these projects have one thing in common: Our authorization consultants use our proprietary SAST SUITE modules to cleanse your critical authorizations. For you, this means we achieve a cleansing rate of up to 95 % – and we can also analyze the actual use of critical object values across all users.

One of the biggest challenges faced in a redesign project is ensuring the continuity of normal business operations. With our SAST Safe Go-Live Management approach, this concern is now a thing of the past. Not least because, in the event of an unforeseen error situation, your end users will be enabled to quickly and independently extend their authorizations - but only as far as the status quo before the migration. Your administrators will, of course, be notified about this.

Your advantages at a glance

  • Meet all requirements to the satisfaction of internal and external auditors
  • Automatic generation of roles saves you from deriving them manually
  • Authorization requirements are based on tool-supported analyses of actual user behavior
  • Comprehensive, completely SoD-free template roles ensure the success of your project
  • Prefab concept templates give you a leg up on documentation
  • Our modular approach means you have the greatest possible flexibility in the project phases
S/4HANA Migrations

Most likely one of the biggest tasks currently facing all SAP managers is the necessary migration to S/4HANA, as support for SAP ERP will expire at the end of 2025.

In our experience, we find that project kickoff is when many companies truly realize how many differences there are between SAP ERP and S/4HANA. Even more concerning is the fact that SAP security is often ignored completely during a migration.

Why is an S/4HANA migration impossible without also redesigning your authorizations?

  1. S/4HANA is a wholly new software, not an extension of SAP ERP
  2. Changes to process workflows mean that familiar transaction codes are no longer used, have different content or have been replaced by new transactions or Fiori apps
  3. The large number of discontinued or transferred transactions must be updated in your ruleset
  4. Around 150 new critical basis transactions have not yet been taken into account in most SoD rulesets
  5. The new SoD processes must include both the existing transactions and the OData services underlying the Fiori apps

Two possible approaches to ensuring the success of your S/4HANA migration

Transformation from your legacy System
  • Examine your process-role model
  • Take your SoD ruleset into account in the changed S/4HANA business processes
  • Migrate and automatically adjust using the role and authorization modules of the SAST SUITE
  • Update your SU24 default values automatically, even for your custom code
  • Support for an audit-compliant implementation
  • Testing support with SAST Safe Go-Live Management

Redesign your SAP authorizations

  • Create a process-role model based on our best practice approach in combination with the authorization trace in the SAST SUITE
  • Take your SoD ruleset into account in the changed S/4HANA business processes
  • Tailor-made redesign by using SAST SUITE
  • Support for audit-compliant design with our best-practice templates
  • Testing support with SAST Safe Go-Live Management

When designing your S/4HANA authorization concept, the quality of your current roles and your internal objectives are the deciding factors for determining whether the brownfield or the greenfield approach is right for you. We are happy to support you in this decision within the scope of an authorization pre-study.

You will definitely benefit from one advantage in a migration project with us the SAST Safe Go-Live approach. This is how we ensure that the authorization structures behind the Fiori apps are transparent for your interwoven landscape of a S/4HANA system, which intertwines both the SAP Fiori frontend and the SAP backend server. In addition, you not only receive a detailed record of user activities, but also a code analysis of the executed reports.

Our project approach at a glance

  • We analyze your existing processes, roles and authorizations with our SAST SUITE, checking for reusability, critical authorizations and SoD risks
  • Concept proposal for transforming your current authorizations and/or creating new, tailor-made S/4HANA roles
  • Update to your SU24 values on SAP S/4HANA
  • Configure your SAP Fiori apps

Our SAP Security Consultants will be happy to help you identify and eliminate any security vulnerabilities on the application server, your operation system or the databases.

GRC Workshops and Software Rollouts

When it comes to GRC software, every target group has its own particular demands and requirements.

That's why we offer workshops and training courses that are tailored to your needs:

  • Risk workshop on developing a specific authorization rule set
  • Trainings that will show your internal auditors how to implement periodic analyses
  • Courses for all the users and admins who work with SAST SUITE

If you're thinking about implementing GRC software at your company, feel free to put us to the test. You can take SAST SUITE on a test drive to gain some initial experience or conduct a more extensive analysis of our software in a proof-of-concept format. Once we have convinced you, we will of course be happy to assist you with the installation.

That’s what our customers say:

"Instead of repeatedly ironing out unevennesses in the roll administration, we’ve used SAST SUITE to put our authorization structures on an entirely new basis. Besides saving time and money over the long term, we no longer have to worry about our legal compliance."

Success Story "Authorization Management - legal certainty and correctness"

— Stefan Lendzian
NORDWEST Handel AG

"With the help of the SAP experts from AKQUINET and the Safe Go-Live approach, around 50% of the users that were created could be identified as inactive and easily deactivated. At the same time, the authorization project reduced the risks by up to 70% and thereby significantly improved security."

SAST SOLUTIONS Reference: Logo Stadtwerke Essen
— Stadtwerke Essen

Further SAST CONSULTING Services

Copyright akquinet AG. All Rights Reserved.