User Access Control and Compliance

in One Unified Cloud & On-Premises Environment


  • "Our long-term relationship with Xpandion started as we entered into a very large global rollout project; ever since we have been enjoying the company’s products and innovations...."

    Avi Averbuch, Global Authorization Manager at ZIM

  • "Choosing Xpandion’s ProfileTailor Dynamics for our organization has proven to be an excellent decision. We have now maintained control over Segregation of Duties, locating any sensitive accounts and identifying the actual user and exact time of use..."

    Richard Symes, SAP Competence Manager at Scapa

  • "ProfileTailor significantly increased the hospital’s security level by eliminating SAP_ALL authorizations, narrowing authorizations according to actual usage, and removing inactive users..."

    Rafi Maman, SAP Division Manager at Hadassah Medical Center

About Xpandion

Xpandion is the leading provider of ERP usage inspection solutions, delivering unprecedented real-time visibility into management systems, significantly improving security, optimizing licensing usage and enabling GRC/SOX compliance. Available in cloud or on-premises, Xpandion’s ProfileTailor™ Dynamics suite is implemented rapidly and does not require any changes to monitored systems.


Honors & Certifications

gartner cloud sap sap-cert sap-cert


in Security & AuthorizationsPosted by Yoav Michaeli

Authorization Fields – Interesting Stats for SAP Authorization Experts

Authorization Fields – Just a Quick Explanation Authorization fields are the basic elements of an authorization object. For example, in an authorization object for a company code, if you’d like to allow the user to use screens in company code 1000 in “Display” mode only, but company code 2000 in “Change” and “Display” modes, you will probably define the object with two instances: Company 1000, Act... read more...

in Security & AuthorizationsPosted by Dror Aviv

The Three Top Authorization Objects: What Are They?

Even though Authorization Objects are the most basic components in the SAP authorization world, they make SAP much more secure. Many organizations argue that you should use Authorization Objects like you spice food: If spices are used properly, there’s total harmony and you can’t live without them. But if they are overused, they ruin the dish and the whole authorization mechanism becomes too diffi... read more...

in Security & AuthorizationsPosted by Moshe Panzer

How to Tell Your Mother That You’re an SAP Authorization Manager

Oh Mama! Although the title of this blog refers to mothers, it’s really referring to anyone who’s not technically savvy. The people that, when you tell them that you’re the new authorization manager at your corporation will squint their eyes and say, “Well, I’m sure it’s great and everything, but what does that mean?” The family members who, when they want to show off to their friends, tell them h... read more...

Subscribe to our newsletter:



157 Yigal Alon Street, Tel Aviv 67443, Israel

US Office


33 West 19th Street, New York, NY 10011, USA