Tests and rules
Our solution includes best practice tests for common business processes (such as order to cash, procure to pay, finance, HR) along with practical examples of actual risks. These tests form rule sets that are used to analyse and display the results.
Rule sets can be customised by the end user to meet your requirements, e.g. adding tests, transaction codes, and authorisation objects (available in fall 2019).
Results of the analysis
The results of the analysis will be shown on the PwC Insights portal where users can view the results from different viewpoints (such as by business process, by user, by transaction) and to drill down all the way to the actual authorisation data level to see where the user gets the authorisations from.
The analysis views can be dynamically configured and filtered with different rule sets, with test types and categories, and with filters (such as company code, sales organisation, plant).
The solution helps you with compliance requirements such as your organisation’s security policy, GDPR and other regulatory requirements on limiting access to sensitive data and to limit the risks with segregation of duties.
Compliance with requirements and policies typically requires that the authorisations are analysed at least yearly and with PwC Insights - Access Risks you can easily meet these requirements from one off analyses to recurring analyses.
Solution and the team
The PwC Insights - Access Risks has been developed inhouse by PwC Finland with a team with solid knowledge on SAP authorisations and data extraction, efficient data analysis, robust automation platforms, and secure cloud services. Our solution relies on proven and tested technologies that we have combined together with the knowledge of the team to provide this superior solution.