What is the SAP GRC Framework?
The SAP GRC (Governance, Risk Management and Compliance) Framework is a collection of enterprise software applications that help organizations control access and prevent fraud across the enterprise. At the same time, they can minimize the time and cost of compliance with internal and external regulations.
The SAP GRC framework comprises the SAP Access Control and SAP Cloud Identity Access Governance solutions. While SAP Access Control is an on-premises solution based on the SAP NetWeaver platform, the SAP Cloud Identity Access Governance solution is an alternative, complementary, cloud-based solution for customers who prefer to utilize the cloud.
SAP Cloud Identity Access Governance is available exclusively as a SaaS solution and is based on the SAP Business Transformation Platform (SAP BTP). Both solutions offer the same services and both support SAP applications such as SAP Finance, SAP Sales and Distribution and SAP Controlling as well as cloud-based applications such as SAP Ariba, SAP SuccessFactors and others.
SAP Cloud Identity Access Governance (SAP IAG) and SAP Access Control (SAP AC) are two powerful solutions from SAP to address critical governance, risk management and compliance challenges.
By implementing these solutions, organizations improve data security, streamline access management processes and ensure legal and regulatory compliance.
One Identity can help
Organizations face the challenge of deploying many different SAP and non-SAP systems in their production processes while ensuring that there are no conflicts with separation of duties (SoD) in the permissions assigned to users and accounts.
One Identity Manager enables organizations to maintain a complete picture of all deployed and connected (SAP and non-SAP) systems by reading and writing to the connected systems via connectors.
This complete picture can be maintained provided the required target systems are connected to One Identity Manager and managed via the connectors.
One Identity Manager includes a standard scope SoD engine to cover the requirements regarding segregation of duties in the context of user and authorization management through both preventive and detective methods.