Assess your SAP® risks in real time
The SAP Segregation of Duties (SoD) Risk Analyzer module of the Access Control Suite enables you to conduct real-time SAP governance, risk and compliance (GRC) analysis. It also enables you to define and address separation of duties, determine sensitive authorizations, and prevent excessive user access.
Function-based approach for easy SAP GRC risk analysis. By defining and analyzing risks in SAP software (rather than a transaction-based segregation of duties matrix), Risk Analyzer reduces redundant report information and helps you eliminate “false positives.”
Comprehensive, easy-to-understand rulebooks. The Risk Analyzer rulebook contains the most common sensitive authorization and segregation-of-duties rules. The rulebook can easily be customized to meet your own business or auditor requirements.
Risk modeling pinpoints risks. “What-if” modeling analyses help you identify potential risks when new roles are assigned to users, new transactions are assigned to roles, or new authorizations are assigned to roles or users.
Monitoring helps enforce compliance. Automatically generate reports and notifications of risk execution; mitigate control executions and route them to an appropriate manager for review.
Remediate and mitigate risk. Report drill-downs contain the information your staff needs to make judgments on risk severity, then take immediate action to remediate or mitigate.
Maintain compliance and reduce audit preparation costs. Eliminate manually running SAP risk analysis reports and following up with reviewers. Risk Analyzer reduces the time, cost and frustration of maintaining compliance with automated monitoring. And its built-in workflow ensures documented review of audit-critical reports.
Get instant notification of incidents. Get notified in real time of executed risks in your SAP system. That allows you to immediately review incidents and document mitigating actions before it’s too late.
Reduce burdens on your resources. Dramatically reduce the burdens placed on your Security and Internal Audit teams—as well as the cost of establishing and maintaining clean security architecture—using the module’s integrated reporting functions.