Automated Provisioning for Access Controls

Make Role Changes and Assignments Audit-Proof in SAP®

Automated Provisioning provides clients with the ability to provision roles in SAP in a secure and compliant manner.

As a key feature of ERP Maestro, it automates integral workflows to manage the request, approval, and assignment of the role. With integrated segregation of duties (SoD) conflict detection built-in, potential conflict risks are identified prior to assignment of any role. This secures against unnecessary access risks being introduced into SAP. In addition, your organization will be ready to face that next access audit with full documentation and traceability of all provisioning activity.

Automated Provisioning Features

  • All role assignments are tested for their impact to security before being requested and assigned
  • Role owners are aware of new assignments
  • Risk owners are aware of new conflicts and mitigations

Fully Automated Provisioning Process 

Automated workflows allow for a quick and easy provisioning process that also provides complete visibility of SoD conflicts. Convenient email notifications alert risk owners of potential risks being introduced into the system. This allows them to proactively review risks and assign mitigating controls. Once the Risk Owner has addressed the issues and documented their results, the approval is finalized. The workflow documents the entire process and all activities for later auditing purposes. 

Compliant User Provisioning process

Integrated SoD Risk Detection

Before any role is provisioned, all conflict risks are analyzed and identified. Smart utilization intelligence allows the risk owner to understand the precise reasons for conflicts occurring.

SAP Segregation of Duties Matrix

Proactive Email Notifications

Once analysis is complete, e-mail notifications are sent to role approvers and risk owners, notifying them of the pending provisioning request or the detection of any SoD conflicts.

Email Notification