SAP Cloud Identity Access Governance

Introduction and Overview

INTRODUCTION
Understanding Identity Access Governance

• Identity Access Governance (IAG) is the practice of ensuring that

users have the appropriate access to the right systems and data within
an organization. It involves defining roles and permissions for users,
reviewing access requests, and monitoring user activity to ensure that
access is appropriate and necessary.
• IAG is an essential component of an organization’s security strategy as
it helps to mitigate the risk of unauthorized access, data breaches, and
compliance violations. Organizations can implement strong access
controls with the solution and ensure that sensitive data is protected
and meets regulatory requirements.
Key Takeaways
• ⇨ SAP Cloud Identity Access Governance (IAG), a part of SAP
Business Technology Platform, is a cloud-based solution that enables
organizations to manage access to critical business applications and
data.
• ⇨ SAP Cloud IAG provides similar functionalities as SAP Access
Control, a part of SAP's GRC solutions, but doesn't act as its
replacement.
• ⇨ The solution features a variety of IAM capabilities such as self-
service access requests for on-premise and cloud applications, access
risk analysis, and role design.
The benefits of SAP Cloud IAG

• Improved Security: By implementing strong access controls and

monitoring user activity, SAP Cloud IAG helps organizations to
reduce the risk of data breaches and unauthorized access.
• Streamlined Compliance: With detailed reporting and compliance
tools, SAP Cloud IAG makes it easier for organizations to meet
regulatory requirements and demonstrate compliance.
• Reduced Costs: By automating access management processes, SAP
Cloud IAG can help organizations to reduce the costs associated with
manual identity and access management.
The benefits of SAP Cloud IAG

• Simplified Administration: With a single, centralized platform for

managing access to all systems and data, SAP Cloud IAG
simplifies administration and reduces the risk of errors or
omissions.
• Increased Productivity: By automating manual processes and
providing self-service tools, SAP Cloud IAG can help organizations
to improve productivity and reduce costs.
• Cloud-Based: As a cloud-based solution, SAP Cloud IAG is easily
scalable and enables organizations to manage their access control
processes from anywhere.
OVERVIEW
Components

1. Access Analysis: This service allows you to streamline access with

real-time visualizations.
2. Role Design: Helps in defining and managing roles for users.
3. Access Request: A cloud service for creating self-service requests to
applications for both on-premise and cloud source applications and
systems.
4. Access Certification: A cloud solution for reviewing and certifying
access for on-premise and cloud source applications.
5. Privileged Access Management: Enables self-service requests for
emergency access to systems and applications.
Access Analysis
• Insight into segregation of duties and critical action.

• Overview dashboard and various risk trends to review the risk across
the landscape.

• Integrated audit reporting to refine access.

• Configurable and predefined access policies and rules

ROLE DESIGN
• Definition and optimization of business roles directly in IAG.

• Simple and intuitive business process role design.

• Access risk simulation ensures SOD-free business roles.

• Coordination process to ensure consistency in role design.

• Role designer dashboard provides risk metrics and usage trends within a
business role.
ACCESS REQUEST
• Self-service access request forms with data-driven filters.

• Compliant provisioning of access to cloud and on-premise

applications.

• Includes predefined non-modifiable workflow templates for access

provisioning.

• HR event-driven identity lifecycle management and automated

provisioning.
Access Certification
• Automated review of access, role, risk and mitigation control.

• Reviews tailored to the needs of the organization.

• Supports large-scale reviews and manages the review process.

Privileged Access Management (PAM)
• Definition and administration of privileged users and temporary
elevation of access.

• Enables monitoring of sensitive and critical transactions.

• Provides workflow-based activity reviews.

• Enables integrated session tracking.

Understanding the SAP IAG Bridge
• The SAP Cloud IAG Bridge tool makes it easier for companies to connect their SAP
Cloud applications and extend on-premise SAP Access Control capabilities to
connect system landscapes and business applications and achieve better compliance
with regulations and requirements.

With the SAP IAG Bridge, companies are enabled to:

• Connect IAG functions to other cloud applications across the SAP landscape.
• Leverage access refinement processes to remediate access governance issues.
• Use the Role Designer tool to create user roles based on current assignments.
• Conduct cross-application risk analysis using the access analysis service in SAP Cloud
IAG.
Conclusion

• SAP Cloud Identity Access Governance (IAG) is a powerful solution for

managing identity and access in an organization. With its range of features
and benefits.
• SAP Cloud IAG helps organizations improve their security, streamline
compliance, and reduce costs. Whether you are a small business or a large
enterprise.
• SAP Cloud IAG is a valuable tool for managing access to your critical
business applications and data. With the updated information, it is important
to note that SAP Cloud IAG is now part of the SAP
Business Technology Platform (BTP), which provides a comprehensive set of
tools and services for businesses to accelerate their digital transformation
journey.