Soterion's compliance software solves GRC (Governance, Risk management and Compliance) for SAP® clients. EPI-USE Labs and Soterion's partnership brings together powerful complementary solutions, including our SAP Data Privacy Suite, to help our clients address compliance with GDPR (the General Data Protection Regulation) and other privacy legislation.
Our research has shown that there are still many companies using SAP with no GRC protection. Traditional GRC solutions take time to implement and maintain, and can be expensive. Clients are looking for GRC solutions that are easy to deploy and use, with tangible business benefits realised quickly. Soterion is S/4HANA ready with no need for expensive upgrades or lengthy implementations.
Soterion is a leading-edge solution, giving SAP users agility in GRC. Regardless of the SAP enterprise size, this solution is deployed rapidly into a client’s landscape, with users experiencing benefits in a short period of time. Soterion provides business-centric GRC, empowering companies to proactively manage and model risks in the context of business processes.
Soterion’s Access Risk Manager provides the ability to identify SAP access risk exposure and show clean-up opportunities via a user-friendly web application. The solution also includes:
Soterion's Basis Review Manager will inspect your SAP Basis configuration against a set of rules that are based on your industry best practices. Be prepared for audits, and ensure complete compliance with:
This module identifies under-utilized, unused and incorrectly classified SAP user accounts by monitoring user activity in SAP. Soterion's SAP License Manager allows you to:
From time to time, clients need temporary or emergency access for a limited period – often called firefighter access. This module allows you to do this efficiently, and provides a complete audit trail. The module:
This solution allows your business users to periodically review your SAP user access risk in your SAP systems easily and efficiently. This process will significantly improve the visibility of your GRC environment, and may be an audit and statutory requirement for your organization.
With Periodic Review Manager you can:
Central Identity Manager enables you to decentralize the provisioning of SAP user access to the business, so you can:
Data Privacy Manager helps you comply with the ‘privacy by design’ concept in data privacy legislation such as GDPR. This module:
We can't keep relying on audit and risk departments to identify risk. The business needs to take ownership of their risk. However, most businesses are already thinly stretched; surely they don’t have the capacity to take on more work, or added responsibilities?
Roy Topham gives us security advice on how to secure your access risks in the context of large transformation and S/4HANA projects.
Read about clients who have benefited from Soterion's GRC solutions for SAP access management, reducing access risk and aligning GRC with business goals.
"With Soterion, we identified that many people had risk-bearing access that they no longer needed. Now, we have reduced our access risk footprint significantly."
Nick Achteberg, Senior Director Technical Services (SAP), Endeavor
"Soterion's GRC solutions for SAP were even better than we expected!"
Cecilie Relling, Senior Specialist, Finance Process Improvements & Systems
Would you like to see Soterion in action? Get a personalised demo with one of our GRC experts.