Global Oilfield Leader Boosts Access Controls with SAP Cloud IAG Client Snapshot Profile This client is a leading global oilfield services provider. Situation Faced with mounting concerns over automation and the ability to implement financial controls to manage sensitive SAP access and segregation of duties, the company needed an experienced SAP partner to help design a comprehensive SAP access governance roadmap. Work Performed Protiviti’s SAP team designed customised access governance processes while supporting the client’s SAP IAG implementation. Our work included developing a cloud-first architecture, defining roles and access, streamlining the access request process and training to future-proof the company for ongoing success. Outcome/Benefits The client’s new processes drove a 100% improvement in requests analysed for risk, an 80% increase in automation of access assignments and removals and a 50% reduction in time to complete access reviews. This strengthened its compliance capabilities for ongoing risk management and access governance maturity. In a rapidly evolving regulatory environment, ensuring effective access governance is not only a best practice but a critical compliance requirement, especially for chief financial officers (CFOs) and controllers focused on internal controls and compliance. Our most recent SOX Compliance poll of Audit and Finance Executives found that over 50% of organisations reported increased compliance costs from the prior year. Further, only a third of organisations are maximising the use of enabling technologies to manage those costs with survey respondents also noting the increased use of technology as a top priority.Our client, a leading oilfield services provider, faced mounting concerns over automation and the ability to implement financial controls to manage sensitive SAP access and segregation of duties (SOD). Recognising the urgency to strengthen its access management capabilities and prevent recurring compliance deficiencies, the company chose SAP’s Cloud Identity Access Governance (IAG) solution to modernise and automate its SAP access governance processes.Client challengeThe client deployed SAP S/4HANA as its core ERP system (deployed in the cloud through the RISE with SAP programme). The primary challenge faced after going live was a lack of centralised visibility, automation and control over SAP access risks. Critical challenges included:Pervasive SOD and sensitive access conflicts in SAP S/4HANA Cloud Private Edition.Lack of consistent process and governance of privileged and administrative access.Manual and error-prone procedures for access provisioning and deprovisioning.Limited governance structure over SAP access management responsibilities, resulting in over provisioning of access and inability to effectively review access on a periodic basis.These challenges not only jeopardised the company’s compliance posture but also created inefficiencies in access management, raising audit and security concerns. The client not only strengthened its compliance capabilities, but also laid the foundation for ongoing risk management and access governance maturity. 100% Increase in requests analysed for risk 50%Reduction in time required to complete access reviews 80%Increase in automation of access assignments and removals Topics IT Management, Applications and Transformation We recommend these resources Pro Document Folder SAP Consulting Services We deliver a range of SAP consulting services including finance transformation, data and analytics, intelligent automation compliance for security and controls, and application managed services, as well as SAP business case solution design. Protiviti is also an SAP Licensed Reseller.
