Our user, role and SAP security reviews will help you stay on top of best practice SAP security management and help avoid costly projects to remediate issues and to re-design your roles. By highlighting issues proactively in good time, we can recommend small adjustments and corrections that might be needed rather than letting them build up and proliferate into harder to manage and costly projects.

Problems we solve

Even the perfect SAP security design managed by a world class team will come a little out of step over time. Erroneous roles assigned to users, transactions added to incorrect roles is all very common practice and causes issues around segregation of duties and access creep.

This is of course inherently bad, yet very hard to identify as it’s happening. Invariably, these things get spotted during audits so what better time to conduct a proactive check of your security status ahead of your audit. Our reviews are quick to turn around and will provide you with actionable insights to tidy up before audit time.

The Pumpkin advantage

Our proactive security reviews will help you minimise the risk of security incidents and defects from happening, avoiding unnecessary cost of resolving as well as avoid the risk of putting the business on stop.

Minimise the cost of and time lost due to security outages and defects.

Help keep your SAP systems running and keep them safe 24/7 and help you minimise the cost of and time lost due to security outages and defects.

From the Pumpkin Library

 
Featured
The big balancing act: SAP security for support & development teams
The big balancing act: SAP security for support & development teams

One for the ages: getting the balance right between control and empowering support and development teams.

Read More →
Closing the net on back door access via custom developments
Closing the net on back door access via custom developments

If I were accountable for security of an SAP system, this is a subject I’d really be focused on.

Read More →
SoD compliance: Still a challenge for organisations of all sizes in 2023
SoD compliance: Still a challenge for organisations of all sizes in 2023

The perennial issue of SoD management doesn’t go away and if you’re not doing something about it, this is for you!

Read More →
The hidden costs of outdated SAP role models and what to do about it
The hidden costs of outdated SAP role models and what to do about it

The importance of keeping your role design up to date to support business requirements and minimise costs.

Read More →
New orange paper: Fiori security
New orange paper: Fiori security

Pumpkin orange papers: an introduction to troubleshooting security problems in Fiori

Read More →

Solutions we offer

  • We’ll conduct a full user access review, helping you find issues (SoD, sensitive access, cross-pollination, GDPR etc.) before audit do.

    We’ll look at role build best practice and conduct a full sustainability review, looking at and recommending how you can refine your role design for compliance, supportability and cost of maintenance purposes.

    There is more to good SAP Security than just users and roles, we will also review and show you how to fine-tune your security settings meaning your technical system security will be assured to be best practice.

  • Looking at GRC end to end, we’ll look at things such as your SoD ruleset, critical transactions, emergency access ID’s and that the process of log review is effective and that the GRC solution is being effective within the business of helping you manage access related risks.