AAG Risk Ruleset for SAP ECC

Developed by Saviynt

Overview

Governance, Risk and Access Compliance Management. Separation of Duties (SOD) and Sensitive Access risk rulesets identify user access risks to be monitored/mitigated or remediated by the business.

The SAP ECC ruleset includes 200+ risks across the business process areas of Basis, Cross-Application, Finance, HR and Payroll, Materials Management, Plant Maintenance, Procure to Pay and Order to Cash. The ruleset currently includes reviews of fine-grained entitlements at the Tcode, Authorization Object, Field and Field Value levels.

Features

Saviynt provides out-of-the-box rulesets and controls that build the foundation for reducing both potential and real SOD violations. It establishes SOD and sensitive access checks at a fine-grained level to avoid false positives and gain efficiencies during compliance reviews. This helps users prioritize remediation efforts and provides an effortless audit trail. Saviynt’s deep integration with each SaaS or onpremises application provides levels of detection not found in coarse-grained Governance, Risk, and Compliance (GRC) solutions. Saviynt’s Application Access Governanace (AAG) solution provides SOD and sensitive access rulesets in which the following are predefined:

  • Risks.
  • Functions associated with the risk.
  • Description of the risks.
  • Objects within a function.
  • Risk priority: Critical, high, medium, low.
  • Risk status: Active or inactive.
  • Risk type: SOD or critical access.
  • Risk Owners.
  • Business process.
  • Mapping of the functions associated with a business process.
App Type SoD Rulesets
Categories Enterprise Resource Planning (ERP)
Documentation View Docs