SIVIS Compliance Manager
Security and compliance for your SAP system
Avoiding Compliance Violations in the SAP System
Close GDPR security gaps with the SIVIS Compliance Manager
Compliance violations occur quickly and can be very expensive. The SIVIS Compliance Manager supports you in closing compliance gaps in your SAP system and mitigating compliance risks. It analyzes the SAP authorization concept for weaknesses, risks and violations of laws and law-like regulations.
The innovative SIVIS Compliance Manager
Very specific audit queries can be created. These can be expressed very precisely using logical operators. Example: Show me all employees who do not work in Switzerland but make bookings in Switzerland.
It is possible to get a quick and easy overview of the current system status.
Continuous monitoring of the system. Arising conflicts due to role changes or role assignments are detected.
SIVIS Compliance Manager
All advantages at a glance
SAP Compliance SIVIS
How does the SIVIS Compliance Manager work?
The analysis of the changes takes place in form of a list of individual checks, which run in the background and are displayed in a SIVIS display program within the SAP system. During this process, the SIVIS Compliance Manager considers risks such as the assignment of basic authorizations, critical authorizations and critical combinations. The analysis provides you with all important information such as the users, roles, profiles or transactions concerned. This provides you with a very good basis for making further decisions.
Audit-proof handling of SAP compliance risks
The compliance risks identified and simulated by the SIVIS Compliance Manager can be solved directly in the SIVIS Compliance Manager. You have the option of managing or mitigating the compliance violations. Mitigation is achieved through audit-compliant documentation. It is documented in an audit-proof way, who contributed which conflict and when. This creates absolute traceability for every conflict.
Conflict analysis and proposed solutions for audit conflicts in the SAP system
The SIVIS Compliance Manager displays proposed solutions for the conflicts found for a user or a role. The proposed solutions suggest roles which should be withdrawn in order to avoid a particular audit conflict. You can also see which roles cause conflicts and for what reason.
Preparation for the auditor/ Ensure complete traceability in the SAP system landscape
Traceability of the changes is important for the annual audit. Auditors value the fact that all changes in the SAP system landscape are traceable and fully documented. Every change made in the SIVIS Compliance Manager, such as mitigated audit conflicts, is documented uniformly, completely and traceably. The original state always remains visible. The auditor can see at a glance which audit conflicts exist in the system and is shown a mitigation status for each conflict.
Reduce the manual effort of control activities
If a new transaction is assigned to a role or a user is assigned a new role, compliance risks arise in the SAP system. In order to detect and avoid these, a large manual control effort is necessary. The SIVIS Compliance Manager reliably relieves you of this effort by automating and standardizing manual processes. You can actively schedule your control runs and receive an overview of the compliance risks in the system. In this way, changes are constantly monitored and the system remains clean in the future.
Extend the SIVIS Compliance Manager
Simulation of the compliance status in real time with the SIVIS Identity Manager
Avoid compliance violations preventively. In addition to the SIVIS Identity Manager, the SIVIS Compliance Manager provides analysis in real time. Authorization conflicts are immediately detected and can be actively avoided. While changes are still being made in the SAP system, the SIVIS Compliance Manager analyzes and checks these in the background. During the change process, it simulates the effects of the changes and displays violations.
Frequently asked questions about the SIVIS Compliance Manager
You can start audit runs and thus get an overview of the audit conflicts in the system. You can also mitigate the conflicts. If you change roles in the PFCG, the revised roles can be imported into SIVIS via an automated job and thus can also be checked for audit conflicts automatically. Without the SIVIS Identity Manager, however, you do not have the possibility of detecting conflicts in real time.