Where to Start Modernizing SAP Access Governance with GRC 12.0 Fiori Capabilities: Part 1

In this two-part blog (see Part 2 here), we highlight how to improve the customer experience around SAP GRC apps using SAP Fiori. We also look at some of the benefits to consider when thinking about modernizing and maturing the processes and technology which support access governance of SAP applications.

An improved customer experience

C-suite executives are increasingly investing in technologies that focus on improving customer experience and gaining customer trust. While most of the discussion has been on improving the experience to drive revenue growth, why can’t we also apply these strategies to SAP access governance? The most common SAP GRC Access Control customers would include managers, auditors, owners/approvers, functional support team members and potentially all SAP end-users. While these customers have been interacting with the application through a web-based interface, the design and usability is long overdue for a refresh.

Fiori

With the introduction of S/4HANA, Fiori Launchpad has become the user-centric entry point to perform business activities. The Fiori interface design provides end-users a simplified and consistent view for the application using Fiori Apps and the Fiori design framework. As part of this new design shift, SAP has extended these Fiori design principles into the latest version of SAP GRC 12.0.

To take it a little deeper: Fiori is a web-based user interface (UI) layer; it separates the front-end interface from the back-end application. Fiori provides a consistent and modern UI across any platform by which end-users are no longer required to memorize SAP transaction codes to access the application. An end-user can simply search for an app by keywords and the results display instantaneously. Since Fiori is an adaptive web-based UI, the end-user can now access the application via their mobile devices, which completely changes the traditional way of accessing SAP applications.

Access Control 12.0 Fiori apps

In SAP GRC Access Control 12.0, SAP delivers a set of standard GRC Fiori apps. Below, we explain the different types of Fiori apps and where to locate additional information about them.

There are multiple types of Fiori apps and each are defined by their underlying technology design. Within Access Control, two main types of Fiori design principles are utilized. The first is what we might refer to as native Fiori apps, which are based on the use of oData services. The alternative app type leverages the use of the existing services from the backend with an updated interface or Fiori-like apps.

Native Fiori apps for Access Control

Several Fiori apps have been designed from the ground up using the latest frameworks and are delivered by SAP as a starting point for organizations to update their SAP GRC experience. The details of the SAP-delivered apps can be found in the SAP Fiori Apps Reference library. The apps which are related to SAP GRC Access Control are noted in the table below and grouped by type:

These apps are a starting point for organizations to begin transitioning towards a more mobile-friendly and modern user experience. They should be evaluated to understand the fit within existing processes and any potential gaps or challenges that should addressed (fit-gap analysis). For example, a recent client discussion uncovered a requirement to allow users to submit requests for firefighter IDs (emergency access IDs) via mobile devices. After evaluating the Request Access app, the client determined this was a gap which required additional evaluation. Therefore, challenges should be expected and planned for when deploying Fiori apps within the organization.

Fiori-like experience

In addition to the true Fiori apps, the latest version of Access Control allows clients to enable Fiori apps within the Fiori Launchpad which link the user to the existing Access Control applications and services (e.g., WebDynpro applications). These Fiori-like apps bring the existing applications into the Fiori UI, leveraging existing screens and behavior but with an updated theme for a much-needed makeover to a more modern user interface design (moving from the SAP Corbu theme to SAP Belize). These apps are not native Fiori applications, and therefore will not be found within the online SAP Fiori reference library. A couple of examples of the change are shown in the screenshots below.

 

 

In Part 2 of this blog, we’ll continue this review and expand on the security considerations when leveraging Fiori.

To learn more, contact us or visit Protiviti’s SAP consulting services.

Jay Gohil

Director
Enterprise Application Solutions

Natalie Woo

Senior Consultant
Enterprise Application Solutions

Subscribe to Topics

Are you interested in becoming a #quantum coder? The #quantumcomputing industry is struggling to find talent. Join #ProtivitiTech host @KonstantHacker for a chat about the path to this exciting career with Peter Noell from @ColdQuanta. http://ow.ly/JkKv50KRRcW

In this #ProtivitiTech webinar, we will walk through #security breach case studies we have responded to, break down how attackers targeted and exploited the environments, and how the attacker was able to evade detection or exfiltrate #data. Register now: http://ow.ly/wFL950KQRiZ

In this #ProtivitiTech webinar, hear from panelists that are leading the way in #cybersecurity as they share their experiences on how #genderdiversity plays into the broader #talentgap and the consequences organizations will face if not addressed. http://ow.ly/KM6x50KLT9N

Business continuity and resilience are critical topics in boardrooms and among the C-suite. We have updated our guide to answer key questions, no matter the industry you’re in. Download your copy today. http://ow.ly/f75v50KPwUM

#ProtivitiTech #businesscontinuity

Identifying #cybersecurity issues and creating #riskmanagement plans can be complex. A #CISO who provides relatable information will help in planning for cybersecurity needs. Read more from #ProtivitiTech Terry Jost and Andy Retrum in @AgendaWeek. http://ow.ly/6tna50KPmi4

Load More