Product Report: SAP Business Objects GRC Access Control

Report Details

The SAP BusinessObjects GRC Access Control (in short AC) solution is a powerful set of tools that help to automate risk analysis and mitigation for user and authorization management in SAP and non-SAP systems. It is a strong product for the SAP ABAP world, and is able to cover non-SAP systems using real-time adapters from Greenlight. It covers a substantial subset of the overall GRC requirements – it provides a leading-edge solution for SAP environments, which are at the centre of many IT environments and is able to perform as a realtime cross-platform solution.

The core of the product suite - Risk Analysis and Remediation (RAR) - is the most valuable part and helps effectively to reduce risks in ABAP-based SAP systems - and correspondingly in the implemented business processes - mostly by the set of predefined risks delivered with the product. RAR also supports non-SAP systems in real time due to the risk definition at business process level and the mapping to technology-specific controls through a number of OEMed adapters from Greenlight. Mitigating controls need to be added per project, which is in general appropriate, but a few predefined elements would be of great help to customers. The existing guidelines and offerings from SAP such as the Customer Advisory Office can help implementing the mitigation, as there is no best practice available because of the massive customization of the role assignment processes in customer organizations.
 
An important aspect of AC is the possibility to automate access rights assignment with Compliant User Provisioning (CUP), since this enables real-time risk analysis of planned authorization assignments. A critical factor for success is an appropriate and intelligent definition of the workflows. There are templates and standard workflows - pre-filled with  e.g. HR master data - to start from.

Role creation is the objective of the Enterprise Role Management component. It benefits from the integration with RAR and CUP, from an enterprise-wide methodology making especially naming consistent and from a capability of role mass maintenance. Detailed role creation is not the focus of ERM, experts prefer the standard transactions - which are actually supported from within ERM - or specialized non-SAP tools.

Integration with Identity Management systems is state-of-the-art, all major LDAP based directory service products are supported, as well as HR systems, including a user mapping functionality.

Finally, Superuser Privilege Management (SPM) allows to create specific IDs for short-term remediation firefighter activities requiring elevated privileges. The application is well conceived and simple to use, the emergency access through the SPM interface ensures fine-grained audit, which makes it a quick win. Yet, the privileged user concept should be developed and planned in advance. The integration with the other AC tools is limited, it does support non-SAP privileged account management through the Greenlight adapters.

You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
Apr 15, 2010

Product Report: SAP Business Objects GRC Access Control

The SAP BusinessObjects GRC Access Control (in short AC) solution is a powerful set of tools that help to automate risk analysis and mitigation for user and authorization management in SAP and non-SAP systems. It is a strong product for the SAP ABAP world, and is able to cover non-SAP…

€95.00
excl. VAT
Get Access
Mastercard Visa American Express PayPal INVOICE

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

AWS re:Invent Impressions

This year’s flagship conference for AWS – the re:Invent 2018 in Las Vegas – has just officially wrapped. Continuing the tradition, it has been bigger than ever – with more than 50 thousand attendees, over 2000 sessions, workshops, hackathons, certification courses, a huge expo area, and, of course, tons of entertainment programs. Kudos to the organizers for pulling off an event of this scale – I can only imagine the amount of effort that went into it. I have to [...]

Latest Insights

Hot Topics

Spotlight

Modern Cybersecurity Trends & Technologies Learn more

Modern Cybersecurity Trends & Technologies

Companies continue spending millions of dollars on their cybersecurity. With an increasing complexity and variety of cyber-attacks, it is important for CISOs to set correct defense priorities and be aware of state-of-the-art cybersecurity mechanisms. [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00