Avoiding Compliance Violations in the SAP System
Close GDPR security gaps with the SIVIS Compliance Manager
Compliance violations occur quickly and can be very expensive. The SIVIS Compliance Manager supports you in closing compliance gaps in your SAP system and mitigating compliance risks. It analyzes the SAP authorization concept for weaknesses, risks and violations of laws and law-like regulations.
The innovative SIVIS Compliance Manager
smart
Very specific audit queries can be created. These can be expressed very precisely using logical operators. Example: Show me all employees who do not work in Switzerland but make bookings in Switzerland.
simple
It is possible to get a quick and easy overview of the current system status.
safe
Continuous monitoring of the system. Arising conflicts due to role changes or role assignments are detected.
SIVIS Compliance Manager
All advantages at a glance
- Audit results can be printed as PDF file
- Mitigation of conflicts
- Suggested solutions, to currect conflicts quickly
- Analysis into the future (simulation) and past
- Analysis of roles and role assignments (user)
SAP Compliance SIVIS
How does the SIVIS Compliance Manager work?
The analysis of the changes takes place in form of a list of individual checks, which run in the background and are displayed in a SIVIS display program within the SAP system. During this process, the SIVIS Compliance Manager considers risks such as the assignment of basic authorizations, critical authorizations and critical combinations. The analysis provides you with all important information such as the users, roles, profiles or transactions concerned. This provides you with a very good basis for making further decisions.
01.
Audit-proof handling of SAP compliance risks
The compliance risks identified and simulated by the SIVIS Compliance Manager can be solved directly in the SIVIS Compliance Manager. You have the option of managing or mitigating the compliance violations. Mitigation is achieved through audit-compliant documentation. It is documented in an audit-proof way, who contributed which conflict and when. This creates absolute traceability for every conflict.
02.
Conflict analysis and proposed solutions for audit conflicts in the SAP system
The SIVIS Compliance Manager displays proposed solutions for the conflicts found for a user or a role. The proposed solutions suggest roles which should be withdrawn in order to avoid a particular audit conflict. You can also see which roles cause conflicts and for what reason.
03.
Preparation for the auditor/ Ensure complete traceability in the SAP system landscape
Traceability of the changes is important for the annual audit. Auditors value the fact that all changes in the SAP system landscape are traceable and fully documented. Every change made in the SIVIS Compliance Manager, such as mitigated audit conflicts, is documented uniformly, completely and traceably. The original state always remains visible. The auditor can see at a glance which audit conflicts exist in the system and is shown a mitigation status for each conflict.
04.
Reduce the manual effort of control activities
If a new transaction is assigned to a role or a user is assigned a new role, compliance risks arise in the SAP system. In order to detect and avoid these, a large manual control effort is necessary. The SIVIS Compliance Manager reliably relieves you of this effort by automating and standardizing manual processes. You can actively schedule your control runs and receive an overview of the compliance risks in the system. In this way, changes are constantly monitored and the system remains clean in the future.
Extend the SIVIS Compliance Manager
Simulation of the compliance status in real time with the SIVIS Identity Manager
Avoid compliance violations preventively. In addition to the SIVIS Identity Manager, the SIVIS Compliance Manager provides analysis in real time. Authorization conflicts are immediately detected and can be actively avoided. While changes are still being made in the SAP system, the SIVIS Compliance Manager analyzes and checks these in the background. During the change process, it simulates the effects of the changes and displays violations.
Frequently asked questions about the SIVIS Compliance Manager
How can we work with the tool if we only use the SIVIS Compliance and Compliance Reference Manager?
You can start audit runs and thus get an overview of the audit conflicts in the system. You can also mitigate the conflicts. If you change roles in the PFCG, the revised roles can be imported into SIVIS via an automated job and thus can also be checked for audit conflicts automatically. Without the SIVIS Identity Manager, however, you do not have the possibility of detecting conflicts in real time.
Mit dem Laden des Videos akzeptieren Sie die Datenschutzerklärung von YouTube.
Mehr erfahren
Further SIVIS managers for the administration of SAP users
SIVIS
Identity Manager
The SIVIS Identity Manager automates and simplifies the recording, control and administration of users and the associated access rights and approval processes. With the SIVIS Identity Manager you administer and document all SAP system accounts and authorizations of your users centrally.
SIVIS
Mitigation Manager
With the SIVIS Mitigation Manager, unavoidable audit conflicts can be mitigated. The smart tool automatically creates compensatory controls based on previously defined rules if audit conflicts arise in the SIVIS Compliance Manager.
SIVIS Compliance
Reference Manager
The SIVIS Compliance Reference Manager is an extension for the SIVIS Compliance Manager. The SIVIS Compliance Reference Manager extends the SIVIS Compliance Manager by over 500 ready-made audit queries. These templates can be quickly and easily integrated into your SAP system landscape.
SIVIS
Emergency Manager
SIVIS stands for SAP security. However, comprehensive security can only be achieved if it is also guaranteed in emergency and exceptional situations. The SIVIS Emergency Manager ensures that you remain in control even in these situations.