Monitoring excessive access in SAP ERP for consultants and administrators
smartAccess - excessive user rights under control
The smartAccess application enables gaining excessive access rights in the SAP system while simultaneously controlling the access risks
resulting from temporal access assignment. This is possible thanks to advanced event logging mechanisms.
When is it worth it?
smartAccess screen gallery
FAQ – find out more about smartAccess
The smartGRC application is a separate stand-alone system, which can be installed in your personal environment or made available from the cloud. Installation of the system requires preparing an application server (Windows) and a database server (SQL).
The smartGRC application connects through a SAP interface dedicated to JAVA systems – a JCo connection. Standard SAP programs are used to download data from the SAP system, launched for reading data with parameters set by smartGRC.
3-4 weeks, assuming a standard process and no more than 10 administrators and consultants accounts for 2-3 SAP systems. A greater number of accounts or SAP systems generates additional complexity in the implementation process (configuration, training, and transition of knowledge), which grows with the number of stakeholders and operated SAP systems. However, the duration of more complex projects does not exceed 3 months.
The product has a wider spectrum of reported information realized during special / emergency sessions than its market alternatives, such as creating financial or storage documents, and a detailed documentation of changes, among others. such as creating financial or storage documents, and a detailed documentation of changes, among others. It has built-in safeguards for when an administrator attempts to start an emergency session bypassing smartAccess (usage is reported). It is intuitive in use, based on the familiar environment of a web browser.
Yes, it can support any given system, including ones not based on ABAP technology, but in such a case it is necessary to prepare a dedicated connector, which may extend the implementation and installation process. Currently the system includes connectors to: Active Directory, Remedy, and Service desk.