Access governance, role design, and segregation of duties

James Roeske, Customer Advisory Group

Explore the details of functionality, differentiators, and important platform aspects in the latest SAP on-premise and cloud provisioning and compliance solutions. Dive into SAP Access Control 12.0 and SAP Cloud Identity Access Governance and learn which application, platform, and functionality is best for your current and long-term compliance and provisioning requirements. Attend this session to ... More »

Jennifer Corbett, Lockheed Martin
Joleen Lazecki, Lockheed Martin

Attend this session to learn how Lockheed Martin, an American global aerospace, defense, security and advanced technologies company, evolved its access management strategy and improved its overall risk posture through the implementation of common processes, technology, and governance. Attend this session to ... More »

Sabine Baumer, UGI Utilities

Explore the journey undertaken by UGI Utilities to leverage SAP Access Control 10.1 to achieve an enterprise-wide security model for SAP and non-SAP applications. Attend this session to understand some of the challenges of discretionary access control security design and the compliance and operational efficiencies that an organization can benefit from by migrating to an enterprise-wide role- based access control security model. Attend this session to ... More »

Jonathan Hedgspeth, Newport News Shipbuilding

Newport News Shipbuilding has been running SAP ECC since the late 1990s in an environment with over 4,000 roles and 8,000 users. Learn how they incorporated SAP Access Control and enhanced the user access review (UAR) process to establish a complete and accurate review of user to role assignments. Attend this session to ... More »

Kunal Mahajan, EY

Explore opportunities to define security readiness from a compliance perspective and identify opportunities to define auditable processes enabled by SAP GRC solutions during an SAP S/4HANA implementation. Learn to achieve a sustainable and compliant access management solution post-go-live. Attend this session to ... More »

Dave Wood, The Goodyear Tire & Rubber Company

Learn how The Goodyear Tire & Rubber Company utilizes multiple rulesets to validate ruleset changes in production without impacting the global ruleset. Take a deep dive and see how the company maintains a second simulation ruleset to perform risk analysis against production users and review how Goodyear uses Multi Step Multi Process to pass all access control requests with a risk to a different path, allowing role owners to approve requests despite risks. Finally, see how Goodyear tracks the progress of mitigation requests utilizing GRC tables. Attend this session to ... More »

Moderator: Susan Stapleton, Greenlight Technologies

The SAP Access Violation Management application by Greenlight extends SAP Access Control in real time to any business application to ensure compliant user access is managed. In this session, hear from customers who will describe their specific challenges and the business benefits they achieved by deploying SAP Access Violation Management. Learn how SAP Access Control can be leveraged to be the enterprise-wide compliance solution for your organization and ... More »

Carol Chapman, American National Insurance Company

Attend this session to learn how American National Insurance Company handles auditor requests for access review documentation, including completeness and accuracy checks. Learn how to provide complete information on user role-based reviews that illustrate how to solve for “Least Privilege” without the pain of manually intensive extract checking. Join to ... More »

With digital transformation, some business functions are leaving on-premise and moving to the cloud, creating new hybrid landscape challenges. In this session, you will learn ... More »

Peter Hobson, PwC

The SAP S/4HANA landscape introduces many new capabilities but also new risks. More complex SAP landscapes, mobile SAP Fiori applications, and cloud hosting all introduce new risks that need to be managed to deliver a secure, compliant SAP S/4HANA system. This session will discuss how to identify the risks within your SAP S/4HANA business process and embed mitigating controls directly into your processes using effective controls, security, cyber, SAP Identity Management, and GRC techniques. Join to ... More »

Roger Zhang, Protiviti

Learn how to interpret access risk analysis (ARA) results and see how to run analysis to identify trends, such as common violating transactions. Discover how to verify their risk analysis and discuss remediation approach and strategy. Attend this session to ... More »

Kiersten Brock, Stanley Black & Decker

Learn how Stanley Black & Decker designed an SAP Fiori-based security architecture for a concurrent implementation of SAP S/4HAHA and Central Finance. Discover how the company built in a robust set of configurable controls to automate, optimize, and standardize business processes and how it leveraged SAP Access Control 10.1 to enable continuous compliance of user access management within the SAP S/4HANA, Central Finance, and SAP Fiori systems. Attend this session to ... More »

David Denson, PwC

With the release of SAP GRC 12.0, there are a number of usability, integration, and process optimization enhancements that organizations can expect. This session will provide an architecture overview of the new release, SAP Access Control and SAP Process Control enhancements, and integration opportunities available on-premise and through cloud identity access governance support. Attend to ... More »

Susan Santos, Ogilvy & Mather

Learn how Ogilvy & Mather used a phased approach to implement SAP Access Control and leveraged reports to identify usage trends and limit SAP access for users. Walk through specific GRC reports that can be run to obtain usage trends and explore the considerations for a phased approach. Attend this session to... More »