SAP Role Design Review

Service Summary

 

Winterhawk • Consulting • Consultant • Global • SAP • GRCWinterhawk’s SAP Role Design Review is a fixed price service designed to evaluate a customer’s existing SAP Role Design.

Our highly skilled resources leverage our SAP Role Design Review database to efficiently extract and process an organization’s SAP security data. The SAP Role Design Review database contains scripts that analyze the SAP security data in order to identify:

 

  • The assignment of sensitive business transactions to end users and roles
  • The assignment of sensitive administrative transactions to end users and roles
  • The assignment of sensitive authorization objects within roles
  • The manual insertion of authorization object S_TCODE for transaction access
  • The quality of the design based on user usage compared to user access
  • The adequacy of naming conventions
  • The assignment of organizational access
  • The usage of manual authorization changes in Roles
  • Table USOBT_C maintenance through transaction code SU24
  • Direct profile assignments to end users
  • Unassigned roles in Production
  • Create and change activities assigned in display and reporting roles

For additional information

Get in touch for
SAP Role Design
Review

E-mail us!

SAP Role Design Review

Approach

 

Winterhawk • Consulting • Consultant • Global • SAP • GRC Winterhawk begins the review by interviewing key customer stakeholders to gain a thorough understanding of the as-is SAP Role Design, automate the initial analysis of the customer’s SAP Security data using our proprietary SAP Role Design Review database, and prepare a comprehensive report using Winterhawk’s highly skilled resources with deep SAP Security knowledge.

Specifically, we perform the following activities:

  • Hold a requirements gathering session with the customer to review the sensitive business and administrative transactions as defined by Winterhawk and incorporate additional standard and custom transactions the customer requests
  • Obtain user usage information from the customer’s in scope SAP environment(s)
  • Obtain security table data from the customer’s in scope SAP environment(s)
  • Process the security and usage data in Winterhawk’s SAP Role Design analytical database

After the scripts are executed, our experts will analyze and assess the data and prepare a comprehensive report with findings and actionable recommendations.

These reports frequently identify high risk issues that can be quickly remediated by the organization (eg. users with the SAP_ALL profile) and often lead to an organization requesting a full scale SAP role re-design.

If required, a detailed project/work plan showing the cost to implement the remediation recommendations can be prepared.