Xpandion Blog

Yoav Michaeli

Yoav Michaeli joined Xpandion in 2008 as a team leader, and in 2010 Mr. Michaeli began managing the entire Research & Development group of the company. Prior to joining Xpandion, Mr. Michaeli served in an elite technological unit of the Israeli Defense Forces as a team leader for various key military projects. Among other achievements, he was instrumental in pioneering the use of advanced .NET technologies for large scale distributed systems. Mr. Michaeli is an expert in programming, agile development, application security and specialized programming techniques.

There’s a tricky little process with an innocent-sounding name, and it’s something that goes on in your organization far more frequently than you’d imagine. Can you guess what it is? It’s called “IT Access” (AKA “Emergency Access”) – and auditors love it. 


If your organization has run an SAP system for three years or more, you probably suffer from what we like to refer to as “Deceiving Authorization Roles syndrome.”
Whether you’re familiar with this pesky problem or not, maintaining authorization roles for a few years, adding and removing activities and authorization objects, and creating new ones and deleting others all create situations in which authorization roles have names that incorrectly represent their content. This can lead to SAP admins unintentionally granting users the wrong authorizations.

 


Programmers, have you ever wondered what the fastest way to scare a business user is? It’s easy – just put a breakpoint in your code so that when someone uses it, the program stops and reverts back to code level.
This is a surefire way to freak out business users, SAP implementers and even SAP authorizations users. From our experience, there’s nothing scarier for a non-programmer than to think their software is “broken.”


Say the word “workflow” and most people would probably think you mean a step-by-step process that involves logistics processes or financial modules. Well… this is mostly true, but what about a workflow process for SAP licensing? From our experience, using a workflow here could lead to very interesting and surprising cost saving situations.


The first part of this blog was published a few weeks ago. We talked about the steps needed to maintain your company's authorizations when you implement SAP support packages, and you need to replace T-Codes. This blog will continue on through the final steps.


When it comes to handling GRC conflicts, is it better to use an alerting tool or a simulation tool? They both manage conflicts, but one is predictive and the other works after the fact. There is no single solution; the key is to use them in combination to ensure a peaceful process and a clean GRC audit report.


If you haven’t already noticed, in some SAP support packages several T-Codes have been replaced with other T-Codes. These changes create a challenge in maintaining your company’s authorizations, and there are also implications to the GRC module. So, what do you do?


Authorization Fields – Just a Quick Explanation

Authorization fields are the basic elements of an authorization object.

For example, in an authorization object for a company code, if you’d like to allow the user to use screens in company code 1000 in “Display” mode only, but company code 2000 in “Change” and “Display” modes, you will probably define the object with two instances:

  • Company 1000, Activity “Display” – in technical terms BUKRS = 1000, ACTVT = 03
  • Company 2000, Activities “Change” and “Display” – in technical terms BUKRS = 2000, ACTVT = 02, 03

And then you’d put these instances into an authorization role and grant the role to the user.

Now, for the Stats


What are your organization’s top three most sensitive T-Codes; the ones that you’re really careful about granting? You’ve had to think about this before, either during an authorization-inspection project, a GRC project or when asked by an auditor. Can you name the “top three?” I’m sure you can. And I’m sure you probably wouldn’t give it a second thought.


Xpandion creates “behavior-based profiling” for business applications. Sounds impressive, huh? However, do you know what it means, exactly?


