Case Study: SAP Niche Advisory Services (Security)

February 9, 2025 / Gravity IT Resources / Comments Off on Case Study: SAP Niche Advisory Services (Security)

Transforming SAP Security: How Gravity Resolved Critical Audit Risks for a Global Manufacturing Leader

The Gravity team partnered with a global mid-market manufacturing specialist to successfully address their security challenges.

 

CLIENT DETAILS

Industry: Manufacturing – Global Leader in 3D solution & services
Revenue:  <$1B
# of Employees:  <2,000
Practice Area:  SAP Program Leadership & Advisory
Project:  SAP Security

CLIENT OVERVIEW

Client is a global leader and innovator in 3D measurement, imaging and realization solutions with 30+ offices around the globe.

PROJECT OVERVIEW

The Client engaged Gravity IT Resources’ SAP Program Leadership and Advisory practice due to their SAP Security subject matter experts and value creation and problem-solving capabilities.  Gravity first proposed a review of the client’s current SAP security set up in detail.  The outcome of this 30-day assessment resulted in a remediation plan with highly prescriptive next steps, followed by a 120-day implementation plan to execute the proposed plan of actions.

BUSINESS PROBLEM & OBJECTIVE

Client’s business severely suffered from a series of poorly executed enterprise solution implementations (SAP, Salesforce, Workday, Service Now, etc.). As a result, these solutions were underutilized, not properly connected and posed a huge risk from a security and controls perspective. The security and controls deficiencies triggered severe audit warnings (highlighting a material weakness) in the client’s core enterprise solution (SAP).  The audit warning prompted the CIO and IT organization to reach out to SAP security experts to review the situation and provide advice on mitigating.

GRAVITY SERVICE

For this engagement, Gravity positioned one of its best experienced SAP security experts with the client, offering thirty years of global SAP security expertise. In Phase One of the Program, Gravity’s security expert analyzed client’s current SAP security setup and user role design with the help of audit reports (SUIM), configuration review (e.g. SU24), job descriptions, usage analysis (SE16, SE16N, etc.), transaction reviews, use of SailPoint, etc.  The results were summarized in a thirty-page assessment study.  Detailed step-by-step instructions to remediate pressing audit concerns and compliance issues, correct current user role design and improve client’s overall security settings were also provided.

During the subsequent implementation phase, Gravity’s expert first addressed any user role re-design to immediately remediate any audit findings, followed by a redesign of user/custom roles, emergency access, custom transactions, authorization groups for custom tables and reports and a subsequent setup of SailPoint.

RESULTS

Through a hands-on approach leveraging 30 years of deep SAP security experience, Gravity guided its client through the necessary steps to redesign their existing security setup. As a result, the client’s business was able to operate without any security errors and the client’s audit partner removed their material weakness warnings.

Posted in

Gravity IT Resources