SAP integration

SAP is an integral part of corporate software landscapes, providing solutions for human resources (HR), enterprise resource planning (ERP), and customer relationship management (CRM) activities. Accessing customer and employee data and critical company knowledge is a concern in each of these activities.

SAP uses transaction codes to control action executions. Many of these codes are security-critical. Determining who can retrieve specific transaction codes is difficult to answer using SAP on-board tools. SAP administrators can struggle in understanding how the authorization situation is decided, which is often due to multiple authorizations and nested roles.

It is not uncommon for SAP to function as the leading system in a company alongside Active Directory. As a result, administrators may struggle identifying which SAP user corresponds to which Active Directory (AD) user.

Implementing ARM in your integration

ARM enables you to search for security-critical transaction codes. ARM also identifies the authorization paths, allowing you to recognize multiple authorizations. Using ARM Graph, you can visualize nested roles and create clarity as the basis for creating a sustainable authorization concept. Need to know which AD user has assigned which SAP account? One click is enough and you have the information.

ARM enables a previously unattainable in-depth permission analysis. ARM does not require any configuration of the target system.

See the following sections for more information.