Where to Start Modernizing SAP Access Governance with GRC 12.0 Fiori Capabilities: Part 1

In this two-part blog (see Part 2 here), we highlight how to improve the customer experience around SAP GRC apps using SAP Fiori. We also look at some of the benefits to consider when thinking about modernizing and maturing the processes and technology which support access governance of SAP applications.

An improved customer experience

C-suite executives are increasingly investing in technologies that focus on improving customer experience and gaining customer trust. While most of the discussion has been on improving the experience to drive revenue growth, why can’t we also apply these strategies to SAP access governance? The most common SAP GRC Access Control customers would include managers, auditors, owners/approvers, functional support team members and potentially all SAP end-users. While these customers have been interacting with the application through a web-based interface, the design and usability is long overdue for a refresh.


With the introduction of S/4HANA, Fiori Launchpad has become the user-centric entry point to perform business activities. The Fiori interface design provides end-users a simplified and consistent view for the application using Fiori Apps and the Fiori design framework. As part of this new design shift, SAP has extended these Fiori design principles into the latest version of SAP GRC 12.0.

To take it a little deeper: Fiori is a web-based user interface (UI) layer; it separates the front-end interface from the back-end application. Fiori provides a consistent and modern UI across any platform by which end-users are no longer required to memorize SAP transaction codes to access the application. An end-user can simply search for an app by keywords and the results display instantaneously. Since Fiori is an adaptive web-based UI, the end-user can now access the application via their mobile devices, which completely changes the traditional way of accessing SAP applications.

Access Control 12.0 Fiori apps

In SAP GRC Access Control 12.0, SAP delivers a set of standard GRC Fiori apps. Below, we explain the different types of Fiori apps and where to locate additional information about them.

There are multiple types of Fiori apps and each are defined by their underlying technology design. Within Access Control, two main types of Fiori design principles are utilized. The first is what we might refer to as native Fiori apps, which are based on the use of oData services. The alternative app type leverages the use of the existing services from the backend with an updated interface or Fiori-like apps.

Native Fiori apps for Access Control

Several Fiori apps have been designed from the ground up using the latest frameworks and are delivered by SAP as a starting point for organizations to update their SAP GRC experience. The details of the SAP-delivered apps can be found in the SAP Fiori Apps Reference library. The apps which are related to SAP GRC Access Control are noted in the table below and grouped by type:

These apps are a starting point for organizations to begin transitioning towards a more mobile-friendly and modern user experience. They should be evaluated to understand the fit within existing processes and any potential gaps or challenges that should addressed (fit-gap analysis). For example, a recent client discussion uncovered a requirement to allow users to submit requests for firefighter IDs (emergency access IDs) via mobile devices. After evaluating the Request Access app, the client determined this was a gap which required additional evaluation. Therefore, challenges should be expected and planned for when deploying Fiori apps within the organization.

Fiori-like experience

In addition to the true Fiori apps, the latest version of Access Control allows clients to enable Fiori apps within the Fiori Launchpad which link the user to the existing Access Control applications and services (e.g., WebDynpro applications). These Fiori-like apps bring the existing applications into the Fiori UI, leveraging existing screens and behavior but with an updated theme for a much-needed makeover to a more modern user interface design (moving from the SAP Corbu theme to SAP Belize). These apps are not native Fiori applications, and therefore will not be found within the online SAP Fiori reference library. A couple of examples of the change are shown in the screenshots below.



In Part 2 of this blog, we’ll continue this review and expand on the security considerations when leveraging Fiori.

To learn more, contact us or visit Protiviti’s SAP consulting services.

Jay Gohil

Enterprise Application Solutions

Natalie Woo

Senior Consultant
Enterprise Application Solutions

Subscribe to Topics

As businesses compete for #quantum compute time, things can get complicated. @Strangeworks provides shorter queue times and cost and access control for customers. Join @KonstantHacker as he chats on this with Cesar Rodriguez from @Strangeworks. http://ow.ly/jERF50Gvo0W

Read this #SAP Blog to learn five considerations that have improved #ROI for our clients, highlight new ways of working and the art of the possible in the organization’s future #S4HANA system compared to ECC 6.x systems. http://ow.ly/WE5I50GuBRT

#ProtivitiTech #analytics #cloud

The intersection of #5G and #edgecomputing technologies will reinvent industries, change the way #security is implemented and revolutionize business operations. Learn in #Technology Insights why 5G and edge computing impacts approaches to security: http://ow.ly/hut750Gu2Um

Digitally transforming business with #Dynamics365 CE provides organizations with easy configuration and #integration with other #Microsoft products, fewer post-deployment issues and can be accessed anywhere. Read more in the #Technology Insights blog: http://ow.ly/AueX50GqQZs

In Protiviti's #cybersecurity #webinar series, learn insights from the effectiveness of crisis management response in #ransomware attacks to articulating core concepts of #zerotrust and the toolsets needed to architect zero trust. Explore sessions here: http://ow.ly/qVLp50Gi52T

Load More...