High Peaks can help with every step of securing your S/4 HANA upgrade.
With the S/4 HANA transformation, existing GRC needs to be upgraded to 10.1 or 12.0 (recommended) version and following needs to be considered:
One of the key design decisions when choosing to migrate to S/4 HANA, is whether to keep the existing role design and incorporate the necessary Fiori content or start again – thereby creating a new set of roles. Whichever path is chosen, there will be a unique set of advantages and disadvantages to be considered. Keeping the existing role design may be advantageous if a lot of effort has been invested in ensuring roles are audit compliant and risk free. However, this will require obsolete transactions to be identified and replaced and extensive analysis to be performed to map in the service authorisations required to use Fiori. Start from scratch means Fiori Catalogs can be used to pull through the authorisations required for each app to work. This will save effort but will require familiarity with the Fiori launchpad designer to customise Catalogs – and the new roles will need to be reassessed to ensure that they are free of Segregation of Duties risks.
S/4 HANA emphasizes simplicity by introducing a simple data model, consolidated business processes and straightforward architecture. While the end goal is to achieve simplification, better user experience and increased performance, the “Road to S/4 HANA” analysis should lay clear emphasis on existing SAP landscape, past investments on security design and GRC systems, customizations and Z t-codes, home-grown applications, integration points etc. The plan for migration should be a well thought out process and decision than a simple upgrade or a “lift & shift”.
High Peaks can help with every step of securing your S/4 HANA upgrade.
- New systems; namely Gateway (hosts Fiori) and HANA Database/s, need to be added as a managed system in GRC
- Configuration to add these systems in MSMP/BRF+ workflows to enable auto role provisioning
- Ruleset to be considered for upgrade with new T-codes and Authorization objects
- Roles re-design to accommodate changes to Business processes owing to change in S/4 t-code and table structures
One of the key design decisions when choosing to migrate to S/4 HANA, is whether to keep the existing role design and incorporate the necessary Fiori content or start again – thereby creating a new set of roles. Whichever path is chosen, there will be a unique set of advantages and disadvantages to be considered. Keeping the existing role design may be advantageous if a lot of effort has been invested in ensuring roles are audit compliant and risk free. However, this will require obsolete transactions to be identified and replaced and extensive analysis to be performed to map in the service authorisations required to use Fiori. Start from scratch means Fiori Catalogs can be used to pull through the authorisations required for each app to work. This will save effort but will require familiarity with the Fiori launchpad designer to customise Catalogs – and the new roles will need to be reassessed to ensure that they are free of Segregation of Duties risks.
S/4 HANA emphasizes simplicity by introducing a simple data model, consolidated business processes and straightforward architecture. While the end goal is to achieve simplification, better user experience and increased performance, the “Road to S/4 HANA” analysis should lay clear emphasis on existing SAP landscape, past investments on security design and GRC systems, customizations and Z t-codes, home-grown applications, integration points etc. The plan for migration should be a well thought out process and decision than a simple upgrade or a “lift & shift”.
High Peaks can help with every step of securing your S/4 HANA upgrade.