SIVIS Mitigation Manager

Mitigate audit conflicts in the SAP system through compensatory controls

With the SIVIS Mitigation Manager, unavoidable audit conflicts can be mitigated. The smart tool automatically creates compensatory controls based on previously defined rules if audit conflicts arise in the SIVIS Compliance Manager.

Unavoidable critical conflicts in the SAP system

Administration of compensating controls

The SIVIS Mitigation Manager administers the execution of so-called compensatory controls. Compensatory controls may become necessary if critical audit conflicts cannot be avoided.
To perform their tasks, some users require a number of authorizations that lead to audit conflicts (SoD).

Since this cannot always be avoided, a responsible person must approve the conflicts.
When it comes to very critical authorizations, the management may need to control whether the user uses the critical authorizations for unauthorized activities.

The SIVIS Mitigation Manager


The SIVIS Mitigation Manager automatically recognizes, on the basis of defined roles, when an audit conflict arises and communicates this automatically to the persons responsible.


The tool simplifies the administration of compensatory controls. The persons responsible are automatically reminded periodically of the controls. The performed controls are documented.


The SIVIS Mitigation Manager provides security when normal security mechanisms, such as Segregation of Duties (SoD), are not applicable.

Mitigate critical conflicts

How does the SIVIS Mitigation Manager work?

The SIVIS Compliance Manager detects that audit conflicts occur with a user.
A responsible person has the possibility to remove the audit conflict or, if not otherwise possible, to approve the conflict. If a conflict is approved, the SIVIS Mitigation Manager uses preset rules to determine whether a specific audit conflict should lead to a compensatory control or not. If this is the case, the persons responsible for this are now periodically reminded by the SIVIS Mitigation Manager by email that a certain check must be carried out.

If a responsible person has performed the check, e.g. viewing the settings in the system or transaction data that could be generated by the user through critical authorizations, he reports this back in the SIVS Mitigation Manager.
Here, a comment can be entered and documents can be attached. The performed checks are stored by the system and can be called up at any time.

Compensating controls in the SAP system

What are compensating controls?

Compensating controls replace security mechanisms that are difficult or impractical to implement. For example, it is not always possible to implement clear separation of functions and tasks as a safety mechanism. A compensating control offers an alternative to the safety mechanism.

Frequently asked questions about the SIVIS Mitigation Manager

Yes, the SIVIS Mitigation Manager creates compensatory controls automatically on the basis of previously defined rules if an audit conflict arises.

The SIVIS Mitigation Manager manages additional controls designed to prevent abuse by users who have many authorizations.

Further managers for the administration of SAP users

Identity Manager

The SIVIS Identity Manager automates and simplifies the recording, control and administration of users and the associated access rights and approval processes. With the SIVIS Identity Manager you administer and document all SAP system accounts and authorizations of your users centrally.

Emergency Manager

SIVIS stands for SAP security. However, comprehensive security can only be achieved if it is also guaranteed in emergency and exceptional situations. The SIVIS Emergency Manager ensures that you remain in control even in these situations.

Compliance Manager

The SIVIS Compliance Manager supports you in closing compliance gaps in your SAP system and mitigating compliance risks. It analyzes the SAP authorization concept for weaknesses, risks and violations of laws and regulations similar to laws.

SIVIS Compliance
Reference Manager

The SIVIS Compliance Reference Manager is an extension for the SIVIS Compliance Manager. The SIVIS Compliance Reference Manager extends the SIVIS Compliance Manager by over 500 ready-made audit queries. These templates can be quickly and easily integrated into your SAP system landscape.

Scroll to Top

Your benefits at a glance

Your benefits at a glance

Request a live demo an learn more about our applications and services.
Whether Identity Management, Risk Management, Compliance, Licenses, Authorizations or any other SAP security topic.
We have the right solutions for your company.

Suchen Sie einen Marktüberblick

im Bereich IAM?

Finden Sie mit dem ausführlichen KuppingerCole Bericht eine geeignete Lösung für Ihr Unternehmen.

Skip to content