Enterprise Role Management — The Way to Compliant Role Design

  • by Frank Rambo, PhD, Director, Customer Solution Adoption (CSA), EMEA
  • March 15, 2009
Enterprise Role Management helps streamline your role design process with a pre-defined, customizable design methodology that guides you through role definition, authorization maintenance, risk analysis, role approval, and role generation in your SAP back-end systems. It also ensures Sarbanes-Oxley compliance of your roles.
Key Concept

Enterprise Role Management is a capability of SAP BusinessObjects Access Control 5.3. It embeds role design for your SAP and non-SAP applications in customizable methodology processes applying key product capabilities such as risk analysis and role approval workflows to ensure Sarbanes-Oxley compliance. Methodology processes for role design allow for the distribution of responsibilities during role design across multiple stakeholders such as business process owners, IT security, or members of your Sarbanes-Oxley team. These processes ensure that your roles do not contain risk violations.

SAP BusinessObjects Access Control delivers a comprehensive set of access controls that identify and prevent access and authorization risks in cross-enterprise systems. I’ll provide an introduction to Enterprise Role Management (ERM) so you’ll understand the main concepts of the application and learn how to use it for role design in your enterprise. I’ll start by explaining the idea of methodology processes and how ERM fits into your system landscape and your role testing approach in your development and quality assurance business systems. I’ll continue with Role Designer, which guides you through ERM customizing prior to productive use of the application. Then I’ll take you through the steps of the default methodology process delivered with the software using the creation of an SAP single role for an SAP ERP back-end system as an example. At the end I will provide an overview of ERM’s reporting capabilities.

Methodology Processes

In ERM, all role design happens within methodology processes. A methodology process is a sequence of steps, which always starts with the role definition step. In the process, you specify role type, target system landscape, role name, role description, and role attributes such as business process and subprocess. The following steps are available:

Frank Rambo, PhD

Frank Rambo, PhD, is managing a team within SAP’s Customer Solution Adoption (CSA) organization working with customers in the SAP analytics area with the objective to drive adoption of new, innovative solutions. Prior to this position, he worked eight years for SAP Germany as a senior consultant focusing on SAP security and identity management. Before he joined SAP in 1999, Frank worked as a physicist in an international research team. He lives in Hamburg, Germany.

See more by this author


No comments have been submitted on this article. 

Please log in to post a comment.

To learn more about subscription access to premium content, click here.