Where to Start Modernizing SAP Access Governance with GRC 12.0 Fiori Capabilities: Part 1

In this two-part blog (see Part 2 here), we highlight how to improve the customer experience around SAP GRC apps using SAP Fiori. We also look at some of the benefits to consider when thinking about modernizing and maturing the processes and technology which support access governance of SAP applications.

An improved customer experience

C-suite executives are increasingly investing in technologies that focus on improving customer experience and gaining customer trust. While most of the discussion has been on improving the experience to drive revenue growth, why can’t we also apply these strategies to SAP access governance? The most common SAP GRC Access Control customers would include managers, auditors, owners/approvers, functional support team members and potentially all SAP end-users. While these customers have been interacting with the application through a web-based interface, the design and usability is long overdue for a refresh.


With the introduction of S/4HANA, Fiori Launchpad has become the user-centric entry point to perform business activities. The Fiori interface design provides end-users a simplified and consistent view for the application using Fiori Apps and the Fiori design framework. As part of this new design shift, SAP has extended these Fiori design principles into the latest version of SAP GRC 12.0.

To take it a little deeper: Fiori is a web-based user interface (UI) layer; it separates the front-end interface from the back-end application. Fiori provides a consistent and modern UI across any platform by which end-users are no longer required to memorize SAP transaction codes to access the application. An end-user can simply search for an app by keywords and the results display instantaneously. Since Fiori is an adaptive web-based UI, the end-user can now access the application via their mobile devices, which completely changes the traditional way of accessing SAP applications.

Access Control 12.0 Fiori apps

In SAP GRC Access Control 12.0, SAP delivers a set of standard GRC Fiori apps. Below, we explain the different types of Fiori apps and where to locate additional information about them.

There are multiple types of Fiori apps and each are defined by their underlying technology design. Within Access Control, two main types of Fiori design principles are utilized. The first is what we might refer to as native Fiori apps, which are based on the use of oData services. The alternative app type leverages the use of the existing services from the backend with an updated interface or Fiori-like apps.

Native Fiori apps for Access Control

Several Fiori apps have been designed from the ground up using the latest frameworks and are delivered by SAP as a starting point for organizations to update their SAP GRC experience. The details of the SAP-delivered apps can be found in the SAP Fiori Apps Reference library. The apps which are related to SAP GRC Access Control are noted in the table below and grouped by type:

These apps are a starting point for organizations to begin transitioning towards a more mobile-friendly and modern user experience. They should be evaluated to understand the fit within existing processes and any potential gaps or challenges that should addressed (fit-gap analysis). For example, a recent client discussion uncovered a requirement to allow users to submit requests for firefighter IDs (emergency access IDs) via mobile devices. After evaluating the Request Access app, the client determined this was a gap which required additional evaluation. Therefore, challenges should be expected and planned for when deploying Fiori apps within the organization.

Fiori-like experience

In addition to the true Fiori apps, the latest version of Access Control allows clients to enable Fiori apps within the Fiori Launchpad which link the user to the existing Access Control applications and services (e.g., WebDynpro applications). These Fiori-like apps bring the existing applications into the Fiori UI, leveraging existing screens and behavior but with an updated theme for a much-needed makeover to a more modern user interface design (moving from the SAP Corbu theme to SAP Belize). These apps are not native Fiori applications, and therefore will not be found within the online SAP Fiori reference library. A couple of examples of the change are shown in the screenshots below.



In Part 2 of this blog, we’ll continue this review and expand on the security considerations when leveraging Fiori.

To learn more, contact us or visit Protiviti’s SAP consulting services.

Jay Gohil

Enterprise Application Solutions

Natalie Woo

Senior Consultant
Enterprise Application Solutions

Subscribe to Topics

Protiviti’s @KonstantHacker will join a panel to speak on “Quantum Leap: Securing Manufacturing's Next Frontier with Post Quantum Cryptography” on July 18 in Chicago, IL. Register today for this in-person event. https://ow.ly/s02X50SkfcI #ProtivitiTech #Quantum

Protiviti’s Kim Bozzella explains why it’s crucial for businesses to establish trust through transparent and secure data practices: “Losing trust means losing business.” Learn how to take action now. https://ow.ly/mIAX50Sjjju #ProtivitiTech #DataPrivacy

Protiviti’s Mark Carson discusses the importance of measuring analytics capabilities, the importance of taking an agile approach to analytics assessment, and the future of analytics maturity. Read more in TechTarget: https://ow.ly/GJKw50Siri7 #ProtivitiTech

Protiviti’s @KonstantHacker and guest Benedikt Fauseweh, of TU Dortmund University, discuss Richard Feynman’s 1981 quantum simulator idea, its relevance today and whether this work has anything to do with ‘The Three-Body Problem’ novel and Netflix show. https://ow.ly/CrRY50SibFV

Effective product managers are crucial to a company’s overall business performance. Discover a few challenges product managers may face and ways to set them up for success in the latest Technology Insights Blog post. https://ow.ly/PpjQ50Sh8xH #ProtivitiTech

Load More