Audit/SoD (ACS)

THIS EVENT WILL TAKE PLACE FACE-TO-FACE AT CLOCKHOUSE PLACE

Paul Lloyd-Smith and James Wainaina from SAP will present Segregation of Duties and Roles in S/4HANA

Understanding the Roles in S/4HANA and how they differ from ECC and things to consider when moving. How people are challenged with manual user, role and S.o.D management.

Paul Lloyd-Smith and James Wainaina from SAP will present Identify & Access Management

How to setup for success for your SAP Joiner, Mover , Leaver process starting with HR Employee Management. The benefits of connecting SAP Identity Authentication Service (IAS) and Identity Provisioning Service (IPS) and Identity Access Governance (IAG). How this is all able to be monitored within the SAP Analytics Cloud.

Simon Persin from Turnkey Consulting will present How to achieve effective access governance

This session will discuss and accentuate the integration points between identity and access management processes and the needs for fine grained access governances. The structure of the role design and the entitlements are hugely significant to allow processes to be optimised for effective decision making. Access controls, in the form of restrictions are often the first choice for managing business risks and therefore Access Restrictions are also a key control in most corporate environments. The session will highlight key considerations, constraints and dependencies on access restrictions and how to approach the overall solution.

Simon Persin from Turnkey Consulting will present How Enterprise IAM solutions fit into the wider controls environment

IAM solutions are often primarily focused on the processes of quickly getting entitlements assigned to users. The secondary objective is to provide a coherent and trusted control mechanism to respond to business risks over unmanaged access. This session will seek to explain how both the efficiency and governance objectives can be met through an effective IAM solution. However this session will also shine a light on the common barriers IAM programmes face in achieving the intended outcomes. Making sense of the available data is a significant part of the implementation complexity with user information, privileges and entitlements, target applications and technology integrations and governing business processes as key considerations. When implemented correctly, IAM is a key tool in the armoury of the compliance function that often underpins the key responses to business risks. This session will also showcase how IAM fits into the wider compliance organization and delivers not just business efficiency but reduces business risk as well.

Paul Squires from SailPoint will present IGA : Compliance and beyond

This session will look at how IGA creates a platform to enable access controls, enable a decision framework and how the same solutions can be leveraged beyond those compliance and governance based approaches.

The reality is that user identity data is both pervasive and distributed; a good identity governance programme will help make sense of that, leverage the wider data in your controls and enabling better decisions. Leveraging identity data in a better way can also help drive additional benefits beyond meeting compliance requirements.

Our Audit, Control and Security (ACS) SIG is a well-supported group attended by a cross-section of professionals working with SAP and representing the following business areas: IT Security; (including SAP Basis experts) IT & Financial Audit and Risk Management.