on 03-11-2016 9:48 AM
I admit this is a generic question, but I need some input from people on this forum.
In my organization, currently we are using a .NET application which automates:
New SAP user application
Job role request/User authorization Management
User license Management
Job role transaction management
I starting looking for a standard solution in place of this, and came across SAP IDM.
Does SAP IDM serve the above purpose?
Any kind of guidance would be useful.
Hi Ather,
With SAP Identity Management you can automate the whole business process starting from the HR system - e.g. SAP HCM or SuccessFactors. Based on user roles or given attributes in HR when a new employee is hired, IDM can automatically create account in Active Directory, Outlook, portal and other systems and assign respective roles and permissions and the user can be productive in few minutes. You can even assing a starting date in the future and the user will be activate on the starting date.
In the same manner users can be automatically de-provisioned when they leave the company. And this is important from security point of view.
Another importanat point from audit and compliance viewpoint is when users change positions. Then IDM can be integrated with Acccess Control and check for Segregation of Duties violation.
There are different self-service capabilities - like pasword reset, access request, manage some of the personal data - all that makes the life of IT easier.
SAP IDM has flexible graphically designed workflows.
You can create and modify user UIs without the need of development skills and redeployment.
Role management and support of unlimited levels of hierarchy of roles
You have configurable logs according to your auditing needs
Various options for reporting
You have notifications to users, managers, built in approval and attestation workflows and the list goes on.
You can contact me for further details
Best wishes,
Fedya Toslev
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you for you response.
Matt: It is an application developed internally
To all: In our current scenario, once the user applies for a job role/Process, a notification is sent to the respective functional Analyst. For example, if a user applies for FI job role, application is sent to FI Analyst, who will first approve this application. Only after that, the application will be sent to the User's Line Manager, who will finally approve the application.
My question is, in IDM, can we have this multi- level approval hiearchy?
Regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ather,
yes, you can have multiple approvers. you can see more about the approval process here:
Approval Processing - SAP Identity Management Configuration Guide - SAP Library
Best wishes,
Fedya
Hi Ather,
As Fedya mentioned, this is possible and frequently done with IDM.
I would suggest that you work on developing a list of requirements and then potentially engaging with a consulting firm that specializes in IDM work to help confirm your requirements and conduct a Proof of Concept to help validate everything.
A quick look at the People tab of the IDM space can give you an idea of who can help.
If course, SAP can also assist with this.
Regards,
Matt
Hi Ather,
I think the other thing that needs to be considered is that you don't mention if your current application is a commerical one or something developed internally.
SAP has put a lot of effort into creating an Identity Management Solution that works for the SAP Landscape and the Enterprise in general. I've noticed in my years of consulting that internal applications can be great at handling tactical customized needs of an organization, but seldom consider the strategic security and compliance needs that are affecting companies and organizations of all sizes every day.
Hope this helps,
Matt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.