Authorizations and ITGC in SAP
Your Mission
You are an auditor and want to check the compliance of a SAP system landscape efficiently and in a documented way. There are two main areas of interest here: One area of concern are the assignments of authorizations according to the need-to-know principle while ensuring the segregation-of-duty. And the other one is the compliant operation of the SAP installation itself - the IT General Controls (ITGC). The ITGC can be further subdivided into the areas "Access", "Change" and "Operations". This task is a challenge for one SAP system without any tools. In the case of multiple and distributed systems, this cannot be achieved without dedicated software.
Our Approach
Our software ISPICIO_S is a lightweight but powerful desktop software that generates standardized reports based on SAP tables and checking rules. It enables you to download the required SAP tables via the RFC interface. The SAP raw tables can thus be stored in an audit-proof manner and the analyses performed can be traced at any time. Our checking rules in regard to authorizations (incl. SoD) and the SAP profile parameter can be maintained and extended easily and transparently in Excel.
Key Benefits
Our software is easy-to-use and supports you in many ways. In the course of authorization audits, ISPICIO_S analyses users and roles at authorization object level. ISPICIO_S is therefore ideal for role maintenance and user recertification. And with the possibility to maintain the checking rules in Excel by yourself, you can define custom SoD-conflicts and integrate custom developments (Z transactions). Another advantage of our approach is that nothing needs to be installed in SAP for data extraction. RFC read permissions suffice. And with our free ISPICIO_X, your clients or your administrators in remote areas can, for example, easily and comfortably perform the data extraction for you. We call this asynchronous use.
Interested?
You would like to test our software and for 14 days free of charge? Simply contact us. We would be happy to arrange a free screensharing session (1 hour).