Company upgrades SAP and outgrows current Security design

Functionality: SAP ECC, CRM, SRM, BPC and BI Security Redesign
Industry: Finance
Type: Implementation, Redesign
Module: GRC, Security


  • Upgraded SAP system and new modules were not compatible to old security design.
    Old security design did not reflect current security demands, nor adaptable to new modules.


PI’s out-of-the-box security architecture helped reduce the total time to completion of the role redesign. This allowed the project to focus on GRC risk assessments:

  • Mitigation of new and old business risks
  • Resolution of conflicts with the newly implemented systems
  • Mitigation of immediate and future security enhancements to better segregate duties among users


  • Total 12 months


  • Implemented SAP GRC Access Control
  • Configured GRC ruleset
  • Conducted workshops with the business to define requirements for the role design
  • Used the out-of-the-box security architecture to set the standard for the new role design
  • Customized role mapping to users across the enterprise
  • Provided customer with a comprehensive, revised and updated security architecture