C/María Berdiales, 20, 4ª Vigo (Spain)

+34 886 113 106

info@inprosec.com

Technical Article

Information Security Technical Article

The Supply Chain: The True Attack Vector in Cybersecurity

Today at 11:05 am

In the cybersecurity ecosystem, we tend to focus our efforts on development security. We invest significant resources in auditing proprietary code, looking for programming flaws, misconfigurations, or technical vulnerabilities in our own systems. However, the…

SAP GRC Technical Article

SAP GRC: Audit Control Execution for SAP / Non-SAP Systems

4 Feb at 11:48 am

Do you have a SAP GRC Process Control license and are you still not taking full advantage of the potential of Manual Control Performance? Many organizations still execute their controls—both business process and IT controls—in…

Information Security Technical Article

Strategy for Preventing Information Leaks in Microsoft Environments

November 20, 2025

In many organizations, the plan to prevent data leaks can be summarized as “let’s implement a DLP.” Solutions such as Microsoft Purview, Zscaler, Netskope or other Data Loss Prevention technologies are essential, yes — but…

SAP GRC Technical Article

Mitigation Controls in SAP® GRC

August 7, 2025

In this article, we will explore how Mitigation Controls in SAP® GRC help manage risks across the GRC ecosystem. This article focuses on the Access Control and Process Control modules, comparing their key functions and…

SAP GRC Technical Article

Custom Notification in SAP® GRC

July 31, 2025

Once SAP® GRC is in place, getting to use these new tools could be challenging for the organizations, especially among approvers and end users unfamiliar with the new governance workflows. There is where notification plays…

General SAP Security Technical Article

SAP® Table Maintenance Generator: Routines and Custom Restrictions

July 16, 2025

Controlling access to tables in SAP® has always been a challenge. The standard way SAP® provides to restrict access to tables is through table groups or specific tables (using the S_TABU_DIS or S_TABU_NAM authorization objects…

SAP GRC Technical Article

SAP® GRC: Protect Your SAP® Systems from Internal Risks

July 7, 2025

In today’s increasingly regulated and interconnected business environment, having effective management of access, risks, and compliance is essential. For organizations using SAP®, SAP® GRC (Governance, Risk and Compliance) emerges as a strategic solution that enables…

SAP GRC Technical Article

SAP® GRC Risk Dashboards

July 7, 2025

Proper risk management in SAP® is key to ensuring regulatory compliance and secure access. The risk dashboards in SAP® GRC allow clear visualization of risks associated with users, roles, and critical processes. In this article,…

SAP Security Technical Article

Basic Concepts of SAP Authorizations

April 24, 2025

In this article, we would like to offer a basic introduction to SAP authorizations, as it is important to have control over them. Additionally, we will provide a brief explanation of the most relevant concepts.…

SAP GRC Technical Article

Multilanguage in SAP® GRC

September 24, 2024

In this article, we will review the features SAP® offers to make the GRC system available in different languages. It is important to understand that, from a global perspective, a single language for the entire…

SAP GRC Technical Article

How can the results of access risk analysis be improved with SAP® GRC ARA?

September 4, 2024

During this article we will review how to improve access risk analysis using certain functionalities within the ARA module of SAP© GRC. Segregation of duties (SoD) is one of the main principles used by…

SAP GRC Technical Article

Integration via Web Services into SAP GRC for User Management

August 28, 2024

During this article, the benefits and utilities of undertaking an integration between the SAP GRC system and another system external to the ERP ecosystem, such as, for example, the corporate employee request management tool, will…

SAP GRC Technical Article

Introduction to SAP GRC Emergency Access Management

August 14, 2024

What is Emergency Access Management (EAM)? It is one of the GRC modules that allow end users to step out of their usual roles to perform the tasks necessary to resolve an emergency situation. SAP…

Information Security Technical Article

HOW TO IMPLEMENT AMENDMENT 1:2024 TO ISO/IEC 27001:2022?

July 31, 2024

The new amendment affecting the ISO/IEC 27001:2022 AMD 1:2024 standard is auditable from May 2024 and marks a significant evolution in integrating sustainability alongside organizational security. This amendment was published by the International Organization for…

SAP Security Technical Article

SAP® Table Restriction from Organisational Criteria

July 17, 2024

During this article, we will analyse the authorisation related to line and organisational criteria for tables. Tables in SAP, depending on the information they store, can be a critical resource for the system (IT tables,…

Technical Article

Benefits of Using a Role Model based on Best Practices & Composite Roles

July 3, 2024

In this article, we will examine some of the benefits of having a role model defined based on SAP®’s best practices, as well as a composite role model, in our SAP® system. Role Model based…

SAP GRC Technical Article

Enhancing Security with Solution Manager System’s Toolset

June 25, 2024

SAP Solution Manager®(Solman) is a central system to manage and control the rest of SAP® systems of the company, like the main configuration, transports (ChaRM), and also security. In Solman system, there are some many…

General SAP GRC Technical Article

Concept of Authorisations in Process Control

February 14, 2024

The main objective of this article is to explore how to adopt an authorization strategy based on best practices in SAP GRC Process Control. As mentioned in previous articles, Process Control plays a fundamental role…

SAP GRC Technical Article

Efficient Management with SAP GRC Process Control in Regulated Environments

November 29, 2023

In an increasingly regulated and complex environment, organizations face the challenge of finding the best solution to effectively manage and document their controls in order to comply with various applicable regulations. The “three lines of…

Technical Article

GRC PC CCM with SAP HANA

July 6, 2023

GRC Process Control, specifically Continuous Control Monitoring (CCM), is an SAP tool that allows for active monitoring of SAP systems and identification of deviations that occur in processes. To achieve this, the first step in…

Technical Article

Additional Features for ARM of SAP GRC

June 19, 2023

During this article, we are going to review the capabilities that are related with ARM outside of the user provisioning process, which is the main objective of the Access Request Management tool. User provisioning for…

SAP Security Technical Article

SAP® Licensing

May 18, 2023

During this article, we are going to understand SAP® Licensing and the different standard tools available to help Organizations to manage this Area effectively. License Types in S4HANA There was a change regarding the SAP®…

SAP GRC Technical Article

SAP GRC ARA | How to Improve Access Risk Analysis Results

May 10, 2023

During this article we will review how to improve access risk analysis using certain functionalities within the ARA module of SAP© GRC. Introduction Segregation of duties (SoD) is one of the main principles used by…

Information Security Technical Article

ISO 27001 and ISO 27002: Benefits & greatest hits

March 9, 2023

Below we share an article by our CEO Iago Fortes on the news and benefits of ISO 27001 and ISO 27002: I will not extend and try to make it interesting to write about something…

SAP GRC Technical Article

SAP GRC ARM: Access Request Management

January 26, 2023

In this article we are going to explain what the module of Access Request Management (ARM) of SAP GRC tool is, and the different uses and benefits it has. Access Request Management belongs to the…

SAP GRC Technical Article

Critical IT actions SAP GRC

January 4, 2023

During this article we are going to review some of the most important IT (Information Technology) critical actions that could be included within a Risk RuleSet to be used when running risk analysis in SAP©…

SAP GRC SAP Security Technical Article

Mitigating Controls for Finance Risks (SAP Risk Matrix)

January 4, 2023

In this article, we will review the concepts of Business Process, Risk, Control, and we will describe some of the best practices for defining Mitigation Controls. Business Process Every company has its own business process,…

SAP GRC SAP Security Technical Article

Authorizations in SAP ERP HCM

December 19, 2022

SAP Human Capital Management is well suited for dealing with authorizations, because the Human Resources (HR) department has a highly distinct perception of authorizations. From the data protection point of view, the data saved here…

SAP GRC Technical Article

Automatic Controls for Risk Mitigation in SAP GRC Process Control

November 26, 2022

In the SAP system there are several possibilities to review changes made to critical or sensitive information, e.g. supplier master, customer master, accounting accounts, banks. These changes fall into the following categories: “Change Documents” and…

SAP Security Technical Article

Evaluation of SAP security

September 19, 2022

During this article we are going to focus on the integral service SAP Security Assessment (SSA), which gives the opportunity to have truthful information in real time about the main risks and unsecure configuration settings…

Technical Article

Inprosec project management methodology

August 31, 2022

This article outlines the project management methodology used at Inprosec and condenses some best practices and key concepts of the PRINCE2 project management method. Introduction At Inprosec we follow a project management methodology based on…

SAP GRC Technical Article

Webinar: Strengthening Security with SAP GRC Access Control

January 20, 2022

SAP GRC Access Control is the SAP GRC (Governance, Risk & Compliance) module that allows automating the access management process, as well as monitoring the different access risks in real time. The main benefits…

SAP GRC Technical Article

Business Role Management

September 1, 2021

BRM it is a very useful tool in GRC which help to create and maintain the roles of the company in a single repository. This module it is not only use to manage the changes…

InprOTech Technical Article

Scanning an OT Network: What to Expect

November 21, 2019

Due to the complexity of Operational Technology (OT) environments and the frequent lack of documentation regarding the state of the network, the attached report aims to provide a clear overview of the current state of…