Posts From the monthly archives: "February 2017"

Bosch Sicherheitssysteme GmbH was able to completely redesign the authorizations of its SAP system in only six months without disrupting operations. Project in a nutshell Bosch Sicherheitssysteme GmbH is located in Grasbrunn, Germany, has 13’000 employees, with total sales of EUR 1,699bn in 2015. Project targets were a complete redesign of all SAP…(Read More)

The SAP system architecture uses security libraries that enable encryption, advanced authentication mechanisms or digital signatures in SAP applications. In the past, the ABAP kernel shipped with the SAP Cryptographic Library (SAPCRYPTOLIB) as the default security product for SAP systems. It supports the use of digital signatures according to the Secure Store and Forward (SSF…(Read More)

Access Risk Analysis is a tool within SAP Access Control that enables you to define user access risk (via way of a rule set) and to identify access risk (or simulate for potential risk). It also provides you with system functionality to remediate the risk or mitigate it via assignment of a mitigating control. This…(Read More)

Optimizing SU24 helps you to increase the robustness of your SAP roles, reduce the risks caused by manual or changed authorizations in your roles and identify the challenges involved in a role redesign project. Learn more about our SU24 optimization service SU24 – authorization default data The SU24 transaction allows you to control the default…(Read More)

SAP professionals have long realized the importance of continuous education in this rapidly changing world. That’s why SAP Education and Xiting have teamed up to create and deliver specialized training courses and workshops. In 2017 our partnership with SAP Education in Europe has expanded to the United States, and we are proud to announce…(Read More)

In this article, I would like to give you an overview of organizational rules in SAP Access Control (GRC) and explain how you can use them in the context of risk analysis. In general, you can use organizational rules in SAP Access Control to eliminate false-positive Segregation of Duties (SoD) reporting, based on organizational…(Read More)