Many small and medium sized companies struggle with this challenge. Let’s say they have a sales representative who’s located in another country. Which authorizations should he get? Should he have access to the SAP system at all? If so, should he be allowed to only see SAP reports (“view only”) or should he issue sales documents too? The answer is not easy, and might involve solving or remediating Segregation of Duties violations during the analysis process.