• Home
    Blog Home This is where you can find all the blog posts throughout the site.
  • Tags
    Tags Displays a list of tags that have been used in the blog.

There’s a tricky little process with an innocent-sounding name, and it’s something that goes on in your organization far more frequently than you’d imagine. Can you guess what it is? It’s called “IT Access” (AKA “Emergency Access”) – and auditors love it. 

 IT access

Continue reading
Hits: 3931 0 Comments

If your organization has run an SAP system for three years or more, you probably suffer from what we like to refer to as “Deceiving Authorization Roles syndrome.”
SAP Authorization Roles with deceiving one
Whether you’re familiar with this pesky problem or not, maintaining authorization roles for a few years, adding and removing activities and authorization objects, and creating new ones and deleting others all create situations in which authorization roles have names that incorrectly represent their content. This can lead to SAP admins unintentionally granting users with the wrong authorizations.

 

Continue reading
Hits: 7965 2 Comments

Programmers, have you ever wondered what the fastest way to scare a business user is? It’s easy – just put a breakpoint in your code so that when someone uses it, the program stops and reverts back to code level.
This is a surefire way to freak out business users, SAP implementers and even SAP authorizations users. From our experience, there’s nothing scarier for a non-programmer than to think their software is “broken.”

SAP editor presenting code without SAP authorizations

Continue reading
Hits: 8297 0 Comments

“Leaving us so soon, Mr. Solo?” This famous quote might sound good in the movies, but in a business environment, the event of an employee leaving your company can cause some serious security issues if not treated properly. Let’s talk about why and what you can do to prevent these risky situations.

SAP-Security-and-Irregular-User-Activity

Two Types of Employee Leave

In general, there are two types of leave: planned leave and unplanned leave. Both are different and should be handled accordingly.

Continue reading
Hits: 6202 0 Comments
Hits: 7256 0 Comments

It seems that many people fumble through the authorization process in SAP, not really knowing that there are things they are missing.

iStock_000009905028XSmall.jpg

Continue reading
Hits: 6198 0 Comments

What? It’s already the third quarter? Yes, it is. We suddenly realized it ourselves, and wanted to make sure to remind you authorization managers and CISOs what you’ll be facing during this second half of the year. We’re assuming that these three things are already on your task list for Q3/Q4 (and if not, they should be), but we thought it would be nice to summarize them anyway.

iStock_000020142404XSmall.jpeg

Continue reading
Hits: 8589 0 Comments

Many small and medium sized companies struggle with this challenge. Let’s say they have a sales representative who’s located in another country. Which authorizations should he get? Should he have access to the SAP system at all? If so, should he be allowed to only see SAP reports (“view only”) or should he issue sales documents too? The answer is not easy, and might involve solving or remediating Segregation of Duties violations during the analysis process.

 iStock_000020168207XSmall.jpeg

Continue reading
Hits: 6965 0 Comments

The first part of this blog was published a few weeks ago. We talked about the steps needed to maintain your company's authorizations when you implement SAP support packages, and you need to replace T-Codes. This blog will continue on through the final steps.

iStock_000015527840XSmall.jpeg

Continue reading
Hits: 6985 0 Comments

If you haven’t already noticed, in some SAP support packages several T-Codes have been replaced with other T-Codes. These changes create a challenge in maintaining your company’s authorizations, and there are also implications to the GRC module. So, what do you do?

iStock_000015527840XSmall.jpeg

Continue reading
Hits: 7390 2 Comments

Headquarters

+972-3-624-4245

157 Yigal Alon Street,

Tel Aviv 67443, Israel

info@xpandion.com

US Office

+1-800-707-5144

33 West 19th Street, New York,

NY 10011, USA

info.us@xpandion.com

India Office

+91-989-2546216

C 103, Akruti Orchid Park, Andheri-Kurla Road,

Andheri East, Mumbai, India

info@xpandion.com