smartSoD
Access risk repository SoD matrix and critical accesses
smartSoD - appropriate segregation of duties
smartSoD application has a comprehensive library designed to address segregation of duties (SoD) risks and critical technical and business system accesses. Based on 12 years of project experience and insights from over 100 customers across various industries, this library serves as an resource for projects aimed at improving or redesigning user authorizations. It significantly reduces implementation time by offering a wealth of knowledge. The library has more than 125 SoD risks and over 50 critical accesses, and the application supports the management of both standard and customized transactions.
When is it worth it?
- Not defined segregation of duties risk matrix as the basis for provisioning user authorizations
- No list of critical access (IT & business)
- Lack of consistency - many roles and authorizations, created in different time periods by different consultants, motivated by various project initiatives
- Recurring auditing recommendations to control this area better / more attentively
Complete database content - SoD and sensitive transactions
Summary - why is it worth using?
smartSoD delivers segregation of duties matrix repositories and sensitive access in SAP ERP class systems. It helps to accelerate the process of implementing the proper segregation of duties in SAP authorizations.
Main functionalities of smartSoD:
- A central business repository containing a list of sensitive transactions and segregation of duties risks and conflicts
- An engine that allows to import of data regarding authorizations from different SAP systems (ECC / S4CORE) and field-specific systems via XML
- Application support for the definition of dictionary objects, users can easily add new definitions of custom transactions
- Support for work with spreadsheets (importing of data to a matrix from an Excel sheet)
- Enables easier start of authorizations restructuring projects
smartSoD screen gallery
References
FAQ – find out more about smartSoD
smartSoD is an indispensable service from the perspective of security of processes and business actions executed in a SAP system. Below you may find the answers to the most frequently asked questions about our solution.
The smartGRC application is a separate stand-alone system, which can be installed in your personal environment or made available from the cloud. Installation of the system requires preparing an application server (Windows) and a database server (SQL).
The smartGRC application connects through a SAP interface dedicated to JAVA systems – a JCo connection. Standard SAP programs are used to download data from the SAP system, launched for reading data with parameters set by smartGRC.
3-4 weeks, assuming a standard process and no more than 10 administrators and consultants accounts for 2-3 SAP systems. A greater number of accounts or SAP systems generates additional complexity in the implementation process (configuration, training, and transition of knowledge), which grows with the number of stakeholders and operated SAP systems. However, the duration of more complex projects does not exceed 3 months.
The product has a wider spectrum of reported information realized during special / emergency sessions than its market alternatives, such as creating financial or storage documents, and a detailed documentation of changes, among others. such as creating financial or storage documents, and a detailed documentation of changes, among others. It has built-in safeguards for when an administrator attempts to start an emergency session bypassing smartSoD (usage is reported). It is intuitive in use, based on the familiar environment of a web browser.
Yes, it can support any given system, including ones not based on ABAP technology, but in such a case it is necessary to prepare a dedicated connector, which may extend the implementation and installation process. Currently the system includes connectors to: Active Directory, Remedy, and Service desk.
I want to see how smartSOD works
Fill out the form below and we will contact you with a presentation of our offer and the capabilities of the module.
- emergency access
- SAP security
- firefighter