Security and Segregation of Duties

Security and Segregation of Duties
Security and Segregation of Duties


Expectations are rising among auditors, regulatory bodies, customers and other stakeholders regarding the protection of corporate information against errors, privacy invasion, and fraud. The vastness of assigned user privileges, the complexities of SAP technical security architectures and the lack of cross-functional knowledge make it difficult to fully address these security and segregation of duties (SoD) risks. As a result, security settings intended to protect corporate information often have hidden weaknesses, allowing users to bypass even some basic accounting internal controls.


Protiviti's SAP Security and Segregation of Duties consultants help clients untangle the complexity found within today's SAP security structures. We leverage our methodologies and proprietary diagnostic tools to close excessive access exposures, design or optimize user roles and streamline security administration and monitoring processes.


Our SAP Security professionals provide guidance and support to ensure organizations better understand and secure their SAP systems and supporting applications.

Our comprehensive approach to SAP security enables you to secure and manage your SAP application risks. Our SAP capabilities include:


Streamlining SAP security processes and enabling SAP Governance, Risk and Compliance (GRC) software to automate segregation of duties (SoD) reviews, reporting and provisioning.

Redesign and Remediation 

Identifying and remediating SAP security issues around role and user access, SoD conflicts and sensitive access violations


Leveraging proprietary automated tools to assess SAP user access, role design, BASIS configuration, segregation of duties, and compliance weaknesses around design, provisioning and monitoring SAP Security processes.


Designing and enhancing SAP security administration, architecture, controls and change management / transport processes based on best practice models.

SAP Cyber Security 

Identifying cyber risks at the SAP application level, and implementing comprehensive programs and SAP Solutions to protect sensitive data from cyber-threats.

Segregation of Duties Quantification with SAP Access Violation Management by Greenlight

Assessing SAP transactional data to identify the financial impact of SoD violations. Our SoD quantification services are geared to help companies minimize the use of manual or mitigating controls, quantify the real impact of security deficiencies or weaknesses and improve continuous control monitoring.