Soterion is a leading provider of SAP Governance, Risk and Compliance (GRC) solutions. Soterion’s user-friendly GRC solutions provide SAP customers with in-depth access risk reporting in a business-friendly language. This allows organisations to effectively understand and manage their access risk exposure.
Soterion is passionate about simplifying the GRC processes, with a focus on enhancing better decision-making and business accountability.
For more than 10 years, Soterion has provided customers with a holistic offering; combining business-centric GRC software with expert SAP security consulting services, just the combination organisations need to maximise the value of their GRC investment.
Soterion’s plug-and-play GRC solution is easy to learn, S/4HANA ready and boasts an award-winning user experience. Organisations running SAP can make use of Soterion’s GRC security suite either as an on-premise or secure cloud offering. Access risk is business risk. Soterion believes that effective GRC is measured by how well the business users can carry out their access risk management activities. Our business-friendly GRC solution enhances the organisation’s overall risk awareness by empowering business buy-in and accountability of access risk.
Soterion’s solution suite enables organisations to gain visibility and effectively manage their access risk exposure.
- Access Risk Manager
The Access Risk Manager includes core access risk control features to manage SAP access risk. These include identification (Identify Risk), risk remediation (Get Clean), user access change management (Stay Clean simulations), and risk mitigation (Stay in Control).
- Elevated Rights Manager
The Elevated Rights Manager grants sensitive fire-fighting access in an automated workflow-driven process, and enables the management team to perform a structured review of any activities that were performed during the Elevated Rights Access period.
- Periodic Review Manager
The Periodic Review Manager allows business users to review access in the context of risk and business processes, ensuring informed and effective decision making. This business-friendly process is easily managed using progress dashboards to expedite the review process. This process will significantly enhance insights into the GRC environment, as well as being an audit and statutory requirement for many organisations.
- Central Identity Manager
The Central Identity Manager introduces the Business Role concept to improve efficiencies in the SAP user provisioning process. Standardisation of job functions across the organisation reduces complexity and the effort required to manage and review SAP user access. The Central User Administration functionality further reduces the support effort and cost to manage user access across the SAP landscape, including non-productive SAP systems.
- Data Privacy Manager
Manage personal data in SAP and monitor which SAP users have access to sensitive personal information. The Data Privacy Manager analyses all tables in SAP and highlights those that contain fields with personal or sensitive information, categorising the data by Data Domain (such as bank details, email addresses and ID numbers) and per Data Subject (business partner, vendor, customer, employee and SAP user).
- Password Self-Service
Soterion provides users with the ability to reset their SAP passwords. This vastly reduces the burden on the authorisation support team, saving cost and time. The self-service functionality reduces business down-time by empowering users to reset passwords instantly.
- Basis Review Manager
SAP Basis Configurations provide system-level controls to secure an SAP system. The Basis Review Manager compares your SAP Basis configuration to an industry best-practice set of rules. Since these configurations usually form part of an annual external audit, our Basis Review Manager will allow you to be prepared, and will establish complete compliance to avoid adverse audit findings.
- SAP License Manager
The SAP License Manager identifies under-utilised and incorrectly classified SAP User accounts by monitoring user activity in SAP for effective license optimisation. This ensures optimal contract management and compliance whilst reducing unplanned and excess costs.
Take Your GRC to the Next Level.
Get in touch with one of Soterion’s SAP security consultants for advice or feel free to email info@soterion.com to discuss your organisation’s GRC needs.
This article is sponsored by Soterion