Access Analyzer

Identify Segregation of Duties Access Conflicts in Minutes with Automated Conflict Reporting for SAP®

Having the proper Segregation of Duties (SoD) policies in place is only one small piece of the compliance puzzle. Reporting and auditing on Segregation of Duties access in SAP is a large, virtually impossible undertaking without the proper reporting tool. Meanwhile the need to identify potential access conflicts is required as part of the auditing process and is even the law for public companies subject to legislation.

Segregation of Duties analysis and reporting is a central feature of ERP Maestro's Access Analyzer. The foundation behind Access Analyzer is our industry-leading, Big-4 tested rulebook, containing over 250 SoD rules across 100+ business tasks that are defined down to the authorization object level.

The true power of Access Analyzer lies in its reporting abilities for Segregation of Duties and Sensitive Access conflicts. Each report is designed to help users make decisions regarding conflict risks that will facilitate and accelerate remediation. With transaction monitoring embedded throughout the solution, you’ll see past false positives to identify real risks based on actual user activity.

Access Analyzer Features

  • Role design and analysis
  • Segregation of Duty analysis
  • Sensitive Access Analysis
  • Utilization insights reporting
  • Mitigating controls
  • What If simulation
  • Remediation recommendations

Actionable, Business-User Friendly Reports

User Conflict Matrix

The User Conflict Matrix is a great tool for strategizing exactly how to remediate conflicts. On the left-hand side are the Segregation of Duties rules, functions and transactions being analyzed. The top right-hand pane shows users. Users are mapped within the matrix to indicate whether have access to it and have not used it (green), or if they have access to it and have actually executed it (orange).

SAP SoD Matrix

Role Conflict Matrix

The Role Conflict Matrix is ideal for role building exercises or role analysis. It highlights all of the Single and Composite roles that inherently cause conflict risks within the SAP security environment. It clearly identifies which users with access to the roles analyzed are actually executing the related transaction codes. It also goes down to the authorization object level, so it's easy to drill down for more detail.

SAP SoD Matrix

Monitor and Manage Sensitive Access

Our straightforward Sensitive Access Analysis report found within Access Analyzer provides a way to actively monitor the base of SAP users with access to sensitive functionality for IT audit and operational purposes.

  • Maintain a list of pre-approved users with sensitive access
  • Identify any changes in the list of users with sensitive access
  • Monitor sensitive transactions
  • Can be used for role re-certification purposes


Reporting and Management is Easy

Sensitive Access Report

With the Sensitive Access Report business users and executives can actively monitor the base of SAP users with access to sensitive functionality for audit and operational purposes. The report enables quick identification of any changes in the list of users with sensitive access. Additionally, because Access Analyzer® is monitoring sensitive transactions, users can easily see who is using and not using the sensitive functionality.
Sensitive Access Analysis

Sensitive Access Rule Management

Rule Management