Our user, role and SAP security reviews will help you stay on top of best practice SAP security management and help avoid costly projects to remediate issues and to re-design your roles. By highlighting issues proactively in good time, we can recommend small adjustments and corrections that might be needed rather than letting them build up and proliferate into harder to manage and costly projects.

Problems we solve

Even the perfect SAP security design managed by a world class team will come a little out of step over time. Erroneous roles assigned to users, transactions added to incorrect roles is all very common practice and causes issues around segregation of duties and access creep.

This is of course inherently bad, yet very hard to identify as it’s happening. Invariably, these things get spotted during audits so what better time to conduct a proactive check of your security status ahead of your audit. Our reviews are quick to turn around and will provide you with actionable insights to tidy up before audit time.

The Pumpkin advantage

Our proactive security reviews will help you minimise the risk of security incidents and defects from happening, avoiding unnecessary cost of resolving as well as avoid the risk of putting the business on stop.

Minimise the cost of and time lost due to security outages and defects.

Help keep your SAP systems running and keep them safe 24/7 and help you minimise the cost of and time lost due to security outages and defects.

From the Pumpkin Library

 

Solutions we offer

  • We’ll conduct a full user access review, helping you find issues (SoD, sensitive access, cross-pollination, GDPR etc.) before audit do.

    We’ll look at role build best practice and conduct a full sustainability review, looking at and recommending how you can refine your role design for compliance, supportability and cost of maintenance purposes.

    There is more to good SAP Security than just users and roles, we will also review and show you how to fine-tune your security settings meaning your technical system security will be assured to be best practice.

  • Looking at GRC end to end, we’ll look at things such as your SoD ruleset, critical transactions, emergency access ID’s and that the process of log review is effective and that the GRC solution is being effective within the business of helping you manage access related risks.