SAP User Access Management for S4HANA - Deloitte US · 2021. 1. 13. · SAP User Access Management...

of 5/5
SAP User Access Management for S4HANA Private and Confidential 2020
  • date post

  • Category


  • view

  • download


Embed Size (px)

Transcript of SAP User Access Management for S4HANA - Deloitte US · 2021. 1. 13. · SAP User Access Management...

  • SAP User Access Management for S4HANA Private and Confidential2020

  • SAP User Access Management for S4HANA SAP User Access Management for S4HANA

    S4HANA technology offers innovation, and businesses are increasingly adopting these. With the deadline for S4HANA adoption ending in 2025, many customers have either already moved to S4HANA or are in the process of building their roadmap.

    While organisations are embarking on the journey of S4HANA-led digital transformation, one cannot ignore the impact of these trends on the business process and the underlying risk and compliance lens.

    Some of the most popular trends during this digital transformation journey and their impact on risks and controls are listed below:

    What is the power of S4HANA Digital code?

    Building blocks for SAP user access management in S4HANA-led digital transformation:

    The journey to SAP GRC 12.0 will start with a technical upgrade of the existing SAP GRC platform. It is important to take a holistic view of SAP user access management by ensuring that all impact areas are identified and designed in such a way that they complement each other and aligned to the overall access risk management strategy of the S4HANA digital platform. The following diagram depicts areas that need to be considered.

    Why we need S4HANA?

    New user experience - SAP Fiori enabled by HTML5

    Flexible deployment options - on-cloud, on-premises, hybrid

    Real-time data analytics - simplified data modelwith enhanced processingspeed, optimisedprocesses, and real-timeanalytics capabilities

    Embedded solutions – S4HANA offers embedded solutions like planning, analytics, warehouse

    Mobility and handheld devices – Provides access to information anytime, anywhere from any device.

    New dimension technologies - SAP Leonardo provides integration of technologies (ML, AI, iRPA, etc.) opening up newer possibilities for process redesign

    SAP GRC technical upgrade

    Update SoD risk definitions

    Optimizing Security design

    in S4HANA and other


    SAP GRC functional upgrade


  • SAP User Access Management for S4HANA SAP User Access Management for S4HANA

    How SAP GRC 12.0 can help you to gear up?

    How Deloitte can help

    Aligning GRC upgrade with S4HANA projects

    As organisations embark on digital transformation initiatives, it is critical that they focus on access management efficiency while prioritising key areas such as security, privacy, and compliance. Upgrading or implementing SAP Access Control 12.0 presents the perfect opportunity to modernise and transform identity and access governance as it comes with many new features and functionalities. In addition, a client should also consider that by 31 December 2020 the support would be ending for SAP GRC 10.1.

    While an upgrade from version 10.1 of Access Control may seem like more of a technical process, it will create opportunities to revisit current configuration, identify new functionality, and optimise SAP GRC.

    Some of the key features offered by SAP GRC 12.0 are as follows:

    Potential impact on Risk Control

    Impact on process controls due to transformed processes, additional

    features & functionalities and embedded solutions

    Impact on Interfaces due to multiple ABAP and non-ABAP applications talking

    to each other, possibility of interfacing IoT devices, etc.

    Impact on access controls due to additional transaction codes, access to

    SAP using mobility devises and Fiori, cross application SoDs, access to HANA DB

    Impact on IT general controls as companies adopt flexible deployment

    options, mobility solutions, etc.

    SAP GRC 12 - key Improvements

    Access Controls

    Process Controls

    Risk Management

    Other Changes

    • End-to-end integration with SuccessFactor

    • Cloud application support via Cloud Identity Access Governance

    • Risk Analysis for SAP Fiori Apps in SAP S/4 HANA on premise

    • EAM for SAP HANA DB

    • SAP SuccessFactor Central Payroll

    • Enterprise Risk Enhancements – Operational Risk Aggregation is automated. When an underlying risk changes, the aggregated amounts change

    • Workflow Enhancements – Manual KRI has a workflow now

    • Probability, Impact analysis guidance added to offline forms (SP04)

    • More flexible Continuous Controls Monitoring (CCM)

    • CCM business rules can be run standalone- without assigning them to any business controls

    • New SAP Fiori-based reports such as Monitor Issue Status and enhanced Monitor Control Status

    • Performance Enhancements

    • Visual harmonisation

    • Synchronisation job performance has improved

    • Web-based EAM for SP04

    • Background Risk Analysis after approval stages in Access Control

    Perform diagnostic study of current SAP GRC 10.x  and identify optimization opportunities (2-3 weeks)

    Assist in SAP GRC 12.0 technical upgrade (6-10 weeks) or re-implementation (all GRC service packs can’t be upgraded)

    Implement recommendation – SAP GRC optimization

    Clients migrating to S4HANA during year 2020

    • SAP GRC Technical Upgrade and Optimisation Study can be completed on Priority – estimated duration 6-10 weeks.

    • SAP GRC go-live along with SAP Security re-design to go-live along with S4HANA go-live


    DEC 2020 S4HANA GO-LIVE POST 2020

    Clients migrating to S4HANA after year 2020

    GRC 12.0 Technical upgrade has to be completed before Dec 2020 along with SAP GRC Functional upgrade.

    Clients migrating to S4HANA after year 2020

    SAP Security Redesign and alignment of SAP GRC with S4HANA shall be completed along with S4HANA go-live


  • SAP User Access Management for S4HANA


    Contact usRohit Mahajan President – Risk Advisory [email protected]

    Gaurav Shukla Partner, Risk Advisory [email protected]

    Manas Ketkar Director [email protected]

    Abhijit [email protected]

    Nitin Jagtap [email protected]

    Muthukumar KaruppiahPartner [email protected]

    Sachin Arora Director [email protected]


  • Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see for a more detailed description of DTTL and its member firms.

    This material has been prepared by Deloitte Touche Tohmatsu India LLP (“DTTILLP”), a member of Deloitte Touche Tohmatsu Limited, on a specific request from you and contains proprietary and confidential information. This material may contain information sourced from publicly available information or other third party sources. DTTILLP does not independently verify any such sources and is not responsible for any loss whatsoever caused due to reliance placed on information sourced from such sources. The information contained in this material is intended solely for you. Any disclosure, copying or further distribution of this material or its contents is strictly prohibited.

    Nothing in this material creates any contractual relationship between DTTILLP and you. Any mutually binding legal obligations or rights may only be created between you and DTTILLP upon execution of a legally binding contract. By using this material and any information contained in it, the user accepts this entire notice and terms of use.

    ©2020 Deloitte Touche Tohmatsu India LLP. Member of Deloitte Touche Tohmatsu Limited