Resilient Security and Compliance


"Security-wise, the main thing is that our software is more and more web-based, enabling more collaborative relationships between companies. This requires a new approach to security, putting it much higher on agenda".
Sachar Paulus, Chief Security Officer at SAP in Infosecurity Magazine

For in-depth and real life expertise in end-to-end SAP Security and Controls, the SAP Controls specialists at EnCrisp ® are your single most reliable source.

The implementation of SAP R/3 often mandates enterprise-wide changes in business & control processes, organizational culture and technology infrastructure. Business and control risks associated with each of these key areas increase when isolated legacy applications become integrated and span the entire enterprise through web based infrastructure. Business process re-engineering, system development methodologies, user access controls, program change management processes, reporting and user training become critical to the success of the implementation and the entire organization.

The specialized SAP services which are part of our EnCURE Services Suite help to ensure that appropriate processes and controls are designed into the SAP R/3 environment throughout your organization’s SAP life-cycle. Ideally controls assurance & optimization should occur alongside the design and construction phases of the SAP R/3 implementation to minimize the cost and impact of having to retrofit and reconfigure controls after the system has gone "LIVE". However, post-implementation control assurance reviews are also mandated due to audits, regulatory requirements & changing business conditions due to mergers and acquisitions, etc. Our SAP security & controls specialists at EnCrisp help to ensure that appropriate control processes are being utilized and maintained on an on-going basis.

When it comes to your SAP controls, you want to trust only those who possess the deepest expertise. At EnCrisp we bring, SAP expertise & depth in;

  • SAP Authorization Design and Management
  • SAP AIS (Audit Information System)
  • SAP MIC (Management of Internal Controls)
  • SAP RBE (Reverse Business Engineer)
  • SAP IMG Configuration Design and Controls
  • SAP BW Security and Data Integrity
  • SAP CRM Security
  • SAP HR Application Security
  • SAP Business Process Integrity (SD, MM, FI, CO, SEM)
  • SAP Interfaces and Data Conversion Integrity
  • SAP NetWeaver and Portals

Some of the areas that we cover from an SAP specific security and controls perspective are as follows;

Configurational Controls design , Security & Audit of;

  • All SAP modules and new dimension products such as BW, CRM, EBP, SEM, etc.
  • Security, audit and control of the SAP technical architectures such as NetWeaver, WAS and BASIS
  • Implementation & integration of SAP MIC (Management of Internal Controls), controls documentation module with external continuous controls testing and monitoring systems.
  • Implementation of SAP centric continuous segregation of duties monitoring tools such as Virsa
  • Segregation of duties (SOD) compliance, mitigation and remediation engagements
  • Internal audit co-sourcing and out-sourcing for ALL SAP Pre & Post-Implementation security, audit and control reviews.