SAP Access Control (GRC) Consulting

An optimized and automated solution is required to handle the various compliance requirements (ICS, SOX, FDA) and guidelines and thus safeguard a company’s authorization and access controls. By implementing SAP GRC Access Control, all of these various demands can be met. 

SAP Community Moderator & Topic Leader

Alessandro Banzer is our services leader for SAP Access Control (GRC) and a moderator, thought and topic leader on the SAP Community. Alessandro is a former  member of the month on SAP SCN and an active contributor to the SAP Community. In more than 50 blogs, he shares his deep insight knowledge with the public.

Related Blog Posts

Stay up to date with latest information about SAP Access Control by following our blog.

SAP Access Control (GRC) Firefighter ID Review

Alessandro Banzer October 3, 2017

In my earlier blog about Firefighter lifecycles (, I mentioned the requirement to review Firefighter IDs on a regular basis. Over the last couple of years, this requirement has become an…

(Read More)

SAP Access Control (GRC) Online vs. Offline Risk Analysis

Alessandro Banzer June 6, 2017

This article describes the differences between Online and Offline Risk Analysis in SAP Access Control (GRC) based on several SAP Notes and our implementation experience. Before you can run offline analysis at all, you have to set the configuration option…

(Read More)

Understanding SAP GRC IDM Integration

Johannes Kastner April 4, 2017

As mentioned previously in our blog CIRM: Compliant Identity and Role Management in Practice, you can integrate your SAP Access Control (GRC) and SAP Identity Management (IDM) to leverage its functionalities. In this blog, I would like to give you…

(Read More)

Direct vs. Indirect Role Assignments

Alessandro Banzer March 23, 2017

In this article, I’ll discuss the differences between direct vs. indirect role assignment in the context of SAP authorizations. Each assignment scenario has its pros and cons, and you can use both independently or in combination to complement each…

(Read More)

ABAP code scanning and risk analysis of custom code

Alessandro Banzer March 16, 2017

Many SAP customers develop applications by writing custom ABAP code. That’s a risk if you don’t have proper ABAP code scanning procedures in place. In this article, I will explain how to analyze and mitigate the risk in…

(Read More)

Remediating SOD Risk in SAP Access Control (GRC)

Alessandro Banzer February 21, 2017

Access Risk Analysis is a tool within SAP Access Control that enables you to define user access risk (via way of a rule set) and to identify access risk (or simulate for potential risk). It also provides you with system…

(Read More)

How may we help you?

Let's discuss how we can assist you with achieving your SAP security goals!