Implement a Compliant Identity Management Solution for Effective Provisioning, Reporting, and Role Management

  • by Chris Knapik, Senior Consultant
  • Mira Doneva, Manager
  • Debi Mohanty, Manager, Deloitte & Touche LLP
  • September 8, 2010
Learn how to achieve efficient, compliant, and secure management of user accounts and identities with SAP NetWeaver Identity Management (SAP NetWeaver IDM). Step through an overview of SAP NetWeaver IDM, including the product’s architecture and integration capabilities.
Key Concept
SAP NetWeaver Identity Management (SAP NetWeaver IDM) provides provisioning capabilities for SAP and third-party applications. You can integrate it with SAP BusinessObjects Access Control to comply with regulatory requirements and build a solid foundation for an identity infrastructure.

SAP NetWeaver Identity Management (SAP NetWeaver IDM) 7.1 has worked out many of the initial hiccups of its predecessor, SAP NetWeaver IDM 7.0, and is designed to establish compliant and business-driven identity management by:

  • Centralizing management of user identities for SAP and non-SAP systems
  • Providing compliant end-to-end automation for user identities via integration with SAP BusinessObjects GRC solutions and SAP ERP
  • Enabling role-based access controls
  • Leveraging rule-driven workflow/approval processes

SAP NetWeaver IDM also seeks to produce efficiencies, strengthen accountability, and extend the IT systems support of businesses within the areas depicted in Figure 1. SAP NetWeaver IDM provides enhanced control for user identities within an SAP ERP landscape, including end-to-end compliant user provisioning, while minimizing time and cost.



Figure 1
SAP NetWeaver IDM impact

We’ll review the technical components of SAP NetWeaver IDM before explaining how it integrates with SAP BusinessObjects Access Control. Then we’ll walk you through three production and non-production scenarios to show you how it works in business terms.

Chris Knapik

Chris Knapik is a senior consultant with Deloitte & Touche LLP’s security & privacy group with four years of consulting experience. Originally a native of Ohio, Chris began his career with Deloitte & Touche LLP in Chicago with a focus on SAP Sarbanes-Oxley attestation work. It was here Chris obtained his CISA certification and joined Deloitte’s security and privacy services practice. Chris now resides in Orlando, Florida, and is staffed on large-scale SAP implementation projects in the consumer and industrial products industry.

See more by this author

Mira Doneva

Mira Doneva is a manager with Deloitte & Touche LLP’s security and privacy group. She has more than six years of experience in SAP security and GRC implementations, information system audits, and business process reviews. Her SAP security experience includes role design, configuration, and user administration for various SAP modules, including SAP BusinessObjects Access Control and SAP NetWeaver Identity Management. Her audit experience includes multiple Sarbanes-Oxley IT audits and business cycle reviews for various IT environments, including SAP. Mira has worked on projects in the manufacturing, healthcare, retail, financial services, telecommunications, and energy industries. She is a certified information system security professional (CISSP) and a certified information systems auditor (CISA).

See more by this author

Debi Mohanty

Debi Mohanty is a manager with Deloitte & Touche LLP’s security and privacy group based out of Deloitte’s India office. He has more than nine years of experience in identity and access management. His experience includes strategy and implementation of solutions around identity life cycle management, access control, role design, and user access certification for various applications, including SAP NetWeaver Identity Management. Debi has worked on projects in the utilities, healthcare, retail, financial services, and oil and gas industries.

See more by this author


Comments

No comments have been submitted on this article. 


Please log in to post a comment.

To learn more about subscription access to premium content, click here.