SAP User Access Management For S4HANA - Deloitte
SAP User Access Managementfor S4HANAPrivate and Confidential2020
SAP User Access Management for S4HANASAP User Access Management for S4HANAWhy weneedS4HANA?S4HANA technology offers innovation, and businesses areincreasingly adopting these. With the deadline for S4HANAadoption ending in 2025, many customers have either alreadymoved to S4HANA or are in the process of building their roadmap.While organisations are embarking on the journey of S4HANA-leddigital transformation, one cannot ignore the impact of thesetrends on the business process and the underlying risk andcompliance lens.Some of the most popular trends during this digital transformationjourney and their impact on risks and controls are listed below:What is the power of S4HANA Digital code?New user experience SAP Fiori enabled byHTML5Flexible deploymentoptions - on-cloud,on-premises, hybridReal-time data analytics- simplified data modelwith enhanced processingspeed, optimisedprocesses, and real-timeanalytics capabilitiesEmbedded solutions –S4HANA offers embeddedsolutions like planning,analytics, warehouseMobility and handhelddevices – Provides accessto information anytime,anywhere from anydevice.New dimensiontechnologies - SAPLeonardo providesintegration of technologies(ML, AI, iRPA, etc.) openingup newer possibilities forprocess redesignBuilding blocks forSAP user accessmanagement inS4HANA-led digitaltransformation:The journey to SAP GRC 12.0 will startwith a technical upgrade of the existingSAP GRC platform. It is important totake a holistic view of SAP user accessmanagement by ensuring that all impactareas are identified and designed in sucha way that they complement each otherand aligned to the overall access riskmanagement strategy of the S4HANAdigital platform. The following diagramdepicts areas that need to be considered.2SAP GRCtechnicalupgradeSAP GRCfunctionalupgradeUpdate SoD riskdefinitionsOptimizingSecurity designin S4HANAand otherapplications3
Potentialimpact onRisk ControlSAP User Access Management for S4HANAImpact on process controls due totransformed processes, additionalfeatures & functionalities and embeddedsolutionsImpact on Interfaces due to multipleABAP and non-ABAP applications talkingto each other, possibility of interfacing IoTdevices, etc.Impact on access controls due toadditional transaction codes, access toSAP using mobility devises and Fiori, crossapplication SoDs, access to HANA DBAligning GRC upgrade with S4HANA projectsS4HANA GO-LIVE DURINGYEAR 2020DEC 2020SAP User Access Management for S4HANAS4HANA GO-LIVE POST 2020Clients migrating to S4HANAduring year 2020Clients migrating to S4HANAafter year 2020Clients migrating to S4HANAafter year 2020 SAP GRC Technical Upgradeand Optimisation Study can becompleted on Priority – estimatedduration 6-10 weeks.GRC 12.0 Technical upgrade hasto be completed before Dec 2020along with SAP GRC Functionalupgrade.SAP Security Redesign andalignment of SAP GRC with S4HANAshall be completed along withS4HANA go-live SAP GRC go-live along with SAPSecurity re-design to go-live alongwith S4HANA go-liveImpact on IT general controls ascompanies adopt flexible deploymentoptions, mobility solutions, etc.How SAP GRC12.0 can help youto gear up?As organisations embark on digital transformation initiatives, it is critical that they focuson access management efficiency while prioritising key areas such as security, privacy,and compliance. Upgrading or implementing SAP Access Control 12.0 presents theperfect opportunity to modernise and transform identity and access governance asit comes with many new features and functionalities. In addition, a client should alsoconsider that by 31 December 2020 the support would be ending for SAP GRC 10.1.While an upgrade from version 10.1 of Access Control may seem like more of atechnical process, it will create opportunities to revisit current configuration, identifynew functionality, and optimise SAP GRC.Some of the key features offered by SAP GRC 12.0 are as follows:SAP GRC 12 - key ImprovementsHow Deloitte can erChangesPerform diagnostic study of current SAP GRC 10.x andidentify optimization opportunities (2-3 weeks)4 End-to-end integrationwith SuccessFactor Cloud applicationsupport via CloudIdentity AccessGovernance Risk Analysis for SAP FioriApps in SAP S/4 HANAon premise EAM for SAP HANA DB SAP SuccessFactorCentral Payroll More flexible ContinuousControls Monitoring(CCM) CCM business rulescan be run standalonewithout assigning themto any business controls New SAP Fiori-basedreports such asMonitor Issue Statusand enhanced MonitorControl Status Enterprise RiskEnhancements –Operational RiskAggregation is automated.When an underlying riskchanges, the aggregatedamounts change PerformanceEnhancements Visual harmonisation Synchronisation jobperformance hasimproved Workflow Enhancements– Manual KRI has aworkflow now Web-based EAM forSP04 Probability, Impactanalysis guidance addedto offline forms (SP04) Background Risk Analysisafter approval stages inAccess ControlAssist in SAP GRC 12.0 technical upgrade (6-10 weeks) orre-implementation (all GRC service packs can’t be upgraded)Implement recommendation – SAP GRC optimization5
SAP User Access Management for S4HANAContact usShree ParthasarthyAbhijit KatkarMuthukumar KaruppiahPartnersparthasarathy@deloitte.com 91 98 717 22243Partnerakatkar@deloitte.com 91 98 923 88833Partnermkaruppiah@deloitte.com 91 81 057 88855Manas KetkarNitin JagtapSachin AroraDirectormaketkar@deloitte.com 91 90 491 24516Directornjagtap@deloitte.com 91 95 823 79532Directorsacharora@deloitte.com 91 98 105 6377767
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UKprivate company limited by guarantee (“DTTL”), its network of member firms,and their related entities. DTTL and each of its member firms are legallyseparate and independent entities. DTTL (also referred to as “Deloitte Global”)does not provide services to clients. Please see www.deloitte.com/about for amore detailed description of DTTL and its member firms.This material has been prepared by Deloitte Touche Tohmatsu India LLP(“DTTILLP”), a member of Deloitte Touche Tohmatsu Limited, on a specificrequest from you and contains proprietary and confidential information. Thismaterial may contain information sourced from publicly available informationor other third party sources. DTTILLP does not independently verify any suchsources and is not responsible for any loss whatsoever caused due to relianceplaced on information sourced from such sources. The information containedin this material is intended solely for you. Any disclosure, copying or furtherdistribution of this material or its contents is strictly prohibited.Nothing in this material creates any contractual relationship between DTTILLPand you. Any mutually binding legal obligations or rights may only be createdbetween you and DTTILLP upon execution of a legally binding contract. Byusing this material and any information contained in it, the user accepts thisentire notice and terms of use. 2020 Deloitte Touche Tohmatsu India LLP. Member of Deloitte ToucheTohmatsu Limited
SAP user access management in S4HANA-led digital transformation: The journey to SAP GRC 12.0 will start with a technical upgrade of the existing SAP GRC platform. It is important to take a holistic view of SAP user access management by ensuring that all impact areas are identified and designed in such a way that they complement each other
SAP ERP SAP HANA SAP CRM SAP HANA SAP BW SAP HANA SAP Runs SAP Internal HANA adoption roadmap SAP HANA as side-by-side scenario SAP BW powered by SAP HANA SAP Business Suite powered by SAP HANA Simple Finance 1.0 2011 2013 2014 2015 Simple Finance 2.0 S/4 HANA SAP ERP sFin Add-On 2.0
SAP Certification Material www.SAPmaterials4u.com SAP Certification Material for SAP Aspirants at Low cost Home Home SAP Business Objects SAP BPC CPM SAP BPC 7.0 SAP EWM SAP GTS SAP Public Sector SAP Real Estate SAP FSCM SAP FI/CO SAP AC - FI/CO SAP BI 7.0 SAP CRM 5.0
SAP Master Data Governance SAP Information Steward SAP HANA smart data integration SAP Data Hub SAP Cloud Platform Big Data Services SAP HANA, platform edition SAP Vora Customer Experience IoT Workforce Engagement SAP Cloud for Customer SAP Commerce SAP Marketing SAP Asset Intelligence Network SAP Predictive Maintenance and Service SAP .
ALE/RFC Setup 88 SAP System Type 88 SAP IDoc Version 88 Program ID (SAP to e*Gate) 88 SAP Load Balancing Usage (e*Gate to SAP) 89 SAP Application Server (e*Gate to SAP) 89 SAP Router String (e*Gate to SAP) 90 SAP System Number (e*Gate to SAP) 90 SAP Gateway Ho
SAP HANA Appliance SAP HANA DB In-Memory A io BI Client non-ABAP (SAP supported DBs) SAP Business Suite SAP Business Suite SAP Business Suite SAP Business Suite SAP Business Suite SAP Business Suite SAP Business Warehouse SAP HANA DB r In-Memory Source Systems SAP LT Replication Ser
Customer Roadmap to SAP Simple Finance - Example " Adopting SAP Simple Finance is a journey - start early" Side-by-side SAP HANA Acceleration SAP HANA accelerators, BW, BPC, GRC SAP Business Suite on SAP HANA SAP ERP on SAP HANA SAP ERP in SAP HANA Enterprise Cloud SAP Accounting Powered By SAP HANA Simple Finance add-on/
SAP Business Suite SAP BW SAP Apps Partner Apps SAP HANA PLATFORM Planning and Calculation Engine Real-Time Replication Services Information Composer & Modeling Studio SAP UI HTML5 Mobile SAP BI 4 SAP ERP SAP CRM SAP SCM SAP PLM SAP SRM SAP Netweaver Predictive Analytics & Business Function Libraries In-Memory
SAP TM Notifier Sybase Mobile Workflow 2.1 SAP Sales Pipeline Simulator SAP Customer Financial Fact Sheet SAP Authenticator SAP Work Manager for Maximo SAP CRM SERVICE MANAGER SAP Cloud for Customer SAP GRC Access Approver SAP Manager Insight SAP Commissions Check SAP Mobile
