This article describes the differences between Online and Offline Risk Analysis in SAP Access Control (GRC) based on several SAP Notes and our implementation experience. Before you can run offline analysis at all, you have to set the configuration option “Enable Offline Risk Analysis” to YES (Parameter 1027) in the Access Control configuration settings in…(Read More)

Migration to S4HANA

Xiting offers a free S/4HANA role migration analysis tool to estimate the impact of a S/4HANA migration on your roles and authorizations. S/4HANA is the next generation of enterprise software from SAP, and it comes with an entirely new security model. With S/4HANA, SAP has decided to combine, replace or remove…(Read More)

SU24 Tips and Tricks

The first two blogs dealt with fields which you should and respectively should not maintain as SU24 proposals for roles. The example of SAP standard organizational level fields is already dealt with in blog 2 to introduce fields which you should not maintain in SU24, but that is because you should maintain them in the…(Read More)

SU24 Tips and Tricks

There are fields of objects which uniquely belong to applications which are dealt with in the 1st blog of the series. The complete opposite exists as well for fields that have no place in SU24 proposals. They are role specific, or SU24 proposals are an overkill of maintenance. Related content: Which fields should be maintained…(Read More)

SAP Access Control GRC IDM Integration

As mentioned previously in our blog CIRM: Compliant Identity and Role Management in Practice, you are able to integrate your SAP Access Control (GRC) and SAP Identity Management (IDM) to leverage its functionalities. In this blog, I would like to give you an overview of the possibilities of how to connect your SAP Identity Management…(Read More)

Subscribe to our SAP Security Newsletter

Stay up to date with the latest SAP security news and receive valuable tips and tricks by subscribing to our newsletter.