CONSTRUCTION INDUSTRY

Reorganization of SoD powers

SAP Security

CONSTRUCTION INDUSTRY

Customer Profile

A leading cement manufacturer in Poland, part of an international group, one of the largest construction concerns in the world. The company specializes in the production of high-quality cements used in a wide variety of construction projects, from infrastructure to housing. The company focuses on innovation, sustainable development and minimizing environmental impact, while ensuring the highest standards of customer service.

Challenges

System security risks

Too many permissions for some users

Company processes hampered by bureaucracy

Orders related to cyclical audits

Customer expectations

Mandatory audits (external and internal)

In the SAP area: controls, control documentation, paper tickets

System and vendor selection: reliable, professional, accessible

Searching for the right system: SAP GRC, a third-party system integrated with SAP, SAST - a system embedded in SAP

Lukardi is available to us

and we can consult as needed. They conducted a series of training sessions for us. Now the system works for us (Segregation of Duties) and we know how to configure it ourselves.

IT Manager / CIO

Key information about the project

Project stages

Scope of the project
i schedule

Remote deployment
(COVID)

Installation
  • SAP standard
  • SAP Certificate
  • Manufacturer transportation
Analysis and business participation
  • SoD matrix

Implemented modules

SAST Super User Management - Privileged access management, emergency user

SAST Authorization Management - Segregation of Duties.

SAST Risk&Compliance Management - Periodic audits, risk management

SAST User Access Management - Workflow of granting authorizations in SAP.

Effects of the project

Firefighter

SOX control

In the system a simply defined process

Monitoring of used transactions during access

Segregation of Duties

Authorizations - access to transactions and objects

Multiple authorizations provided by the manufacturer

Ability to check the system for authorization access

Business processes

Authorization collection

SoD matrix design element

Roles and statistics

Roles:

check roles for authorization access

check the roles that cause SoD conflicts

Statistics:

sets of reports showing usage,

roles, transactions by users over a given period of time.

helpful for possible access optimization.

SoD matrix

conflicts in existing processes,

A labor-intensive implementation process,

necessary involvement of business,

Maintenance of the matrix by the business,

Creating custom matrices.

Risk management and compliance

defining risks

mitigation of risks

control

Support for periodic review of entitlements. Specifically privileged by defining Policies.

Policies contain a set of Checks (Checks) associated with authorizations.

periodically, automatically run generate full information about assigned critical privileges to users.

The manufacturer provides its policies, which can be used to cross-check user permissions on the system.

Workflow of granting rights in SAP

When assigning rights, the system automatically checks for SoD conflicts based on the default matrix.

Key User

Application

Automation

SoD analysis

Manager, SoD

Acceptance

User Admin

Implementation

Workflow for managing user privileges in SAP.

  • requesting access
  • requesting a user
  • self-service portal
  • acceptance of authorization risks (SoD)

contact@lukardi.com

+ 48 733 007 830

contact@lukardi.com

+ 48 733 007 830

Your Needs
Our Support
Lets Talk!

Your needs, our support.
Lets Talk!

Your needs, our support. Let's talk

Menu

About us

Career

Investor Relations

Privacy Policy

Company details

ul. Tęczowa 3
60-275 Poznań
TAX ID NUMBER: 5213683072
Business Entity Identification Number: 360098885
National Court Register: 0000545448

Contact

contact@lukardi.com

tel: +48 733 007 830

ISO Certificate