Compliance Quick Check
Uncomplicated and complete audit of your SAP authorization concept
Protect your company against unwanted access to your sensitive SAP data. We check your SAP authorization concept quickly and completely. With our SIVIS Compliance Quick Check, we uncover weak points in the system and provide concrete recommendations for action.
Compliance violations in your SAP authorization concept
A well thought-out SAP authorization concept is the be-all and end-all. Care should be taken from the outset to ensure that no risks arise from the combination of authorizations. In addition, sensitive authorizations should only be assigned when absolutely necessary. However, it happens time and again that too many critical authorizations are assigned due to the complex mechanism of additive authorization assignment or critical authorization combinations arise that were not foreseeable when the roles were assigned. It is therefore important to check the assigned authorizations and security settings at regular intervals.
Audit review for your SAP authorization concept
We provide you with an overview of the status of your SAP systems, authorizations and users. With the SIVIS Compliance Quick Check, we show you whether and where compliance violations exist in your SAP systems and check your authorization concept for any weak points. To do this, we analyze your SAP landscape for threats related to basic authorizations, critical authorizations and critical authorization combinations. We identify SoD conflicts and critical activities and evaluate users, roles and parameters.
How does the SIVIS Compliance Quick Check work?
In order to provide you with a comprehensive overview of critical security vulnerabilities, we implement an extractor in your SAP environment. This exports audit-relevant data such as user and role assignments. We check the extracted information for critical authorizations and authorization combinations using our established audit rules. In parallel, we analyze system parameters, password rules and user processes. We then evaluate the threats found.
In an on-site presentation, we show you the identified risks and define together with you the measures to be taken for your optimal security standard. Of course, the security roadmap also takes into account the individual requirements of your company.
11 good reasons for the SIVIS Compliance Quick Check!
Developed security concepts can be reused
Overview of critical security gaps
Increase of the overall security in the SAP system
Lower costs compared to manual checks
Identification of sensitive data
Optimal and fast preparation for the auditor
Audit by trained specialists with a lot of experience
Recommendations for action that fit your company individually
Concrete measures to protect against internal and external attacks
Audit along the DSAG audit guidelines and legal requirements
Fast, uncomplicated and complete audit of your SAP authorization concept
The SIVIS Compliance Quick Check compared to the manual audit check
(SIVIS Compliance Quick Check vs. SAP standard)
SAP standard/ Manual check
It is possible to perform the manual checks using the internal SAP tools such as SM19 or SM20. However, this procedure can be very difficult and time-consuming due to the complexity of SAP authorizations. Furthermore, the results of the manual check are usually incomplete.
SIVIS Compliance Quick Check
It is better to leave the authorization check to us. With the help of an external tool, we analyze your authorization concept quickly and easily. The SIVIS Compliance Quick Check also provides complete and accurate results and requires very little effort on your part.
Our specialists have excellent knowledge of the structure and functionalities of SAP systems. They also have comprehensive knowledge of the interaction of the various SAP components within the business processes.
This is the only way they can professionally assess the results of the audit in the relevant legal and corporate context.
In addition, our auditors have extensive practical experience. We regularly apply our broad, theoretical knowledge in a wide variety of companies.
Prepare your SAP authorization concept for the auditor
When creating an authorization concept and assigning authorizations, legal, quasi-legal and company-specific requirements must be observed. Violations of these can have significant consequences for the company.
Preparation for the auditor is a complex process
The auditor audits your SAP systems and thus, the authorization concept and the associated specifications. Optimal preparation for the audit by the auditor is a complex process that requires a lot of time and involves considerable effort through continuous documentation. It is important to prevent authorization violations from being discovered only by the auditor, as this leads to a high level of effort due to subsequent adjustments.
The SIVIS Compliance Quick Check takes the work off your hands
The SIVIS Compliance Quick Check gives you the opportunity to prepare for the auditor's visit quickly and easily in advance. You receive a comprehensive report on how your authorization concept stands. You also receive concrete recommendations for action to ensure compliance. This allows you to purge your SAP systems of sensitive authorizations and critical authorization combinations before the audit.