Last week Inprosec participated in the TAC Insights Event: SAP for Internal Controls, Compliance and Risk Management Conference, held at the Novotel Amsterdam City, one of the most relevant European meetings for professionals specialized in internal control, regulatory compliance, and risk management in SAP environments.
Each year, this event brings together specialists, clients, and partners from the SAP ecosystem to share real experiences, implementation challenges, and the latest trends in security and control for SAP platforms.
Representing Inprosec were José González, Director of the SAP area, together with Pedro Estevez and Joaquín Colunga from the business team.
In addition, this year we had our own booth, which allowed us to hold numerous conversations with industry professionals and gain deeper insights into the challenges many organizations are currently facing in terms of security, governance, and control in SAP.
Success story presented: best-practice role model for SAP Public Cloud
One of the highlights for our team was the presentation by José González, in which he shared the success story of implementing a best-practice role model for SAP Public Cloud for our client AAF.
The session generated strong interest among attendees for several reasons:
-
It was the only presentation at the event focused on SAP Public Cloud.
-
It addressed real challenges in defining authorization models.
-
It shared practical lessons learned from a real project.
During the presentation, some of the key challenges that many organizations encounter when adopting SAP Public Cloud were discussed, particularly those related to the definition of secure access and authorization models from the very beginning of the project.
A well-designed role and authorization model not only enables compliance with security best practices, but also facilitates:
-
segregation of duties (SoD)
-
internal control
-
future system scalability
👉 You can learn more about how we approach these types of projects on our [SAP security and authorization services] page.
Key event trends in internal control, risk, and SAP security
In addition to Inprosec’s presentation, the event included multiple sessions from European companies that shared real experiences in GRC, audit, and SAP control projects.
Across the sessions and conversations held during the event, three recurring topics stood out.
Continuous monitoring in Process Controls
More and more organizations are adopting continuous monitoring models to detect deviations or non-compliance at early stages.
Process Control solutions enable organizations to automate controls and monitor critical processes, reducing operational risks and improving the efficiency of internal audits.
If you want to explore this topic further, you can check out our SAP GRC and Process Control services.
Risk management integrated into business strategy
Another key topic was the growing importance of Risk Management tools within corporate strategy.
Organizations are no longer managing risks solely from a compliance perspective, but rather as an essential component of business decision-making and management.
Integrating risk management tools within the SAP ecosystem allows companies to gain a more complete and up-to-date view of their risk exposure.
Authorization management: the foundation of SAP security
Authorization management remains one of the fundamental pillars for ensuring security in SAP environments.
A well-designed role model allows organizations to:
-
reduce risks of fraud or errors
-
facilitate internal and external audits
-
comply with regulatory requirements
-
and improve system governance
In SAP Public Cloud projects, where the authorization model has specific characteristics, it is particularly important to apply best-practice-based methodologies from the very beginning of the project.
A space to share experiences within the SAP ecosystem
Events such as the TAC Insights Event provide an opportunity to exchange experiences with other professionals in the sector and learn how different organizations are addressing the challenges of internal control, compliance, and SAP security.
At Inprosec, we would like to thank TAC Events for organizing an event that, once again, has consolidated itself as a key meeting point for specialists in GRC, internal control, and risk management.
Are you working with SAP GRC, Process Controls, or SAP Public Cloud?
If your organization is currently working on projects related to:
-
SAP GRC
-
Process Controls
-
Risk Management
-
SAP Public Cloud
-
SAP authorization management
our specialized team can help you define a control and security model aligned with best practices.
👉 You can request a meeting with our SAP team here and analyze how to strengthen control and security in your SAP environment.