- Legal Notice
- Legal Notice
See our collection of questions in the FAQ – Access Control
Our Access Control tool has been around since 2014 and has served numerous international customers. Throughout the years we have been constantly developing it, and the feedback we have received from our many customers has been invaluable in order to build the most efficient and helping our customers to move from today’s manually handled control environment to an automated one. We have collected the most common and relevant questions regarding Access Control and crafted this blog post for you to learn about the more technical functions of AC.
There are two ways AC can support the IdM process. It is possible to configure an integration to your IdM system supporting AC to be activated in case of risk being detected.
As an alternative the AC preventive check can be deactivated leaving the approval of risks to be supported by Legacy Risk Management (LRM). In LRM Cockpit all risks will be listed and can be processed to risk approval either manual or automatic.
This will support that your Risk Management process can run in parallel with the IdM process without having to set-up and maintain an integrated process.
Yes, the risk defined is supported by different system reactions. One of the them is an Approval Workflow where Risk Approver and substitute can be appointed. The Risk Approver will receive an email notification and log-in to the personal AC Approval workplace. After approval AC automatic conduct the role assignment.
Answering this question, we need to discuss both a technical installation and a governance configuration. The technical implementation is fairly simple and will typically have a duration of 2-3 days effort including a verification from ComplianceNow.
The Governance configuration will include upload of Risk Library, identification of risk approvers and preventive actions. This will enable you to run a preventive process, execute risk reports and follow the development in the AC Dashboard.
Executing the governance configuration process can be anything from days to weeks influenced by the maturity level, the organization’s ability to take ownership and setting the relevant ambition level for short and long term.
The short answer is yes. AC support defining both single and multiple sided risk on services, transactions codes, objects, fields and fields values.
Yes, AC is an integrated and real-time preventive risk management solution. AC has defined the following preventive actions that can be selected for the individual risks: Approval Workflow, Documentation Required, Display Message, Full Stop and None.
Yes, it is possible to defined multi sided risk in AC.
The CN Access Control Risk Library contains approximately 120 predefined SoD risks and approximately 90 critical access risks, including all affected SAP transactions and associated SAP authorization objects and their values. Supporting the core business processes in SAP (Finance, Procure to Pay, Order to Cash, HR & Payroll, Basis & Security). The Risk Library is available in English, Danish and German.
Yes, it is possible (and recommendable) to configure your own risk library. AC Risk Library Template can be downloaded for editing in Excel and re-uploaded to AC. We have experience with customers which migrated BIG Four and other risk libraries.
As starting point the AC Dashboard deliver a group of Dashboard views for each risk types, e.g. critical role or functionalities. Examples of views: User Compliance, Risk Introduced, Roles not in compliance, Total risk for top 20 users, Critical tcodes suddenly used. The Dashboard aims at giving a status and a trend of the compliance situation supporting the need of daily operation and management reporting.
As goes for the Risk Risk Library it is possible to make e.g. the productive system as the master reference for the other systems in the system string. This means that only one master risk library needs to be maintained.
The overall answer is that CN Access Control is significant less complex in both in the installation, configuration and the user interface. Access Control has in general the same functionality but in some areas, SAP GRC will have more advanced options to offer.
As an example, SAP GRC Workflow can offer options to support a more complex provisioning workflow. CN Access Control is designed to support the small to midsized companies in need for a fully integrated, reliable and preventive SoD engine possible for the local SAP Compliance Manager to operate. CN Access Control is priced significantly lower than its competitors.
Yes, AC includes transaction code usage statistic in the AC Reporting module enabling to run a false-positive analysis in the risk reporting.
We always look forward presenting Access Control to present customers, possible new customers, partners and network. So, if you want to learn more, have questions or would like to see a live demo of CN Access Control please contact us.
“My ambition is to spread the word about our well proven product suite that can help solve the many challenges in the area of SAP compliance operation. Understanding the needs of our clients and map those to the right components of ComplianceNow in order to deliver the needed changes for optimizing the compliance operation”
“Our vision is to strengthen our customers compliance operation through a wide range of relevant components facing the challenges and optimizing processes within SAP Compliance. Expect that ComplianceNow is fairly priced, has a fast and uncomplicated installation process, and is easy for your organization to take into use”