10 things NOT to do if you have SAP GRC

Posted by Andrea Mazzolani (translation) on Mar 3, 2023 12:00:00 AM


What are the main oversights when using SAP GRC or deciding whether to use it or not?



Read More

Topics: SAP GRC, SAP Fraud Management

Tip of the day: SAP User Parameters

Posted by Fabio Mambretti on Jan 20, 2023 12:00:00 AM

In this series of articles we discuss the "tip" of the day. That is, real cases of requests received in counseling. 

Today we discuss "is it worth using user parameters to manage permissions?" What are the advantages and disadvantages?

Read More

Topics: parameter sap, SAP GRC, SAP IDM, sap gui

SAP Security, which courses should you follow?

Posted by Andrea Mazzolani (translation) on Nov 4, 2022 12:00:00 AM


There are different formative paths and trainings for the SAP Security area. Below there are the main courses in the SAP Security and Governance area provided by SAP.

Read More

Topics: corso, pfcg, gdpr, e-learning, SAP GRC, idm, access management, SAP Security, SAP HR, HANA, training

3 tips ready to use. Reduce SAP security management costs!

Posted by Marta Ortona on Sep 23, 2022 12:00:00 AM


There are cases in which the management of 10.000 SAP users is done by two or three people (maybe not full-time).


Other similar or smaller cases where a team of 15 full-time people fail to meet the demands.

How is it possible? Let’s try to analyze what could be the causes and also possible solutions.

Read More

Topics: sicurezza sap, SAP GRC, sap consulenza security, consulenti

Risk and violation in SoD management, are they synonymous?

Posted by Marta Ortona on Aug 26, 2022 12:00:00 AM


Read More

Topics: sod, SAP GRC, Segregation of duties, governance

Consultants with production environment access? 5 actions to remember!

Posted by Marta Ortona on Mar 11, 2022 12:00:00 AM


Is it really possible that external consultants do not have any access to SAP production systems? 


Clearly there are various case studies, occasional or ongoing consultants, for example for maintenance contracts.


Is it really necessary to release an access to the production systems even in this last case? Can we control what happens and why it is requested?

Read More

Topics: pfcg, gdpr, sap_all, sod, SAP GRC, consulenti

10 Tips after installing SAP GRC

Posted by Marta Ortona on Jan 7, 2022 12:00:00 AM


Have you installed one of SAP GRC Systems? Here you are 10 helpful tips on how to improve the usage of the SAP Governance suite.



Different systems are covered by the SAP GRC area (Governance, Risk and Compliance). The main ones are:  

  • SAP GRC Access Control
  • SAP GRC Process Control
  • SAP GRC Risk Management
  • SAP Global Trade Services (GTS)
  • SAP Environment, Health and Safety (EHS)
  • SAP Cloud Identity Access Governance


10 focus points that you might want to apply! 

Read More

Topics: sod, SAP GRC, identity management system, HANA Security

6 tips before installing SAP GRC Access Control

Posted by Giacomo Sertorio on Apr 23, 2021 12:00:00 AM

Are you oriented to buy SAP Governance Risk and Compliance Access Control? You could also interest to suggestions for the purchase, configuration and the management of this tool




Read More

Topics: ISO, sod, SAP GRC, Segregation of duties, SAP Security, SAP GDPR, quotazione borsa

Basic Role, what is it and what should it contain?

Posted by Marta Ortona on Oct 17, 2019 12:00:00 AM


What is the basic role? 

The basic role is a container of some of the permissions that all users should have. 



It is a set of utilities, not critical and useful in some moments. How should it be build up and what should it contain? 

Read More

Topics: pfcg, gdpr, SAP GRC, access management, ruoli

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts

Post By Topic

See all