Technology Insights HOME | Perspectives from Our Experts on Technology Trends and Risks

Technology Insights HOME

Perspectives from Our Experts on Technology Trends and Risks.

Search

ARTICLE

4 mins to read

Where to Start Modernizing SAP Access Governance with GRC 12.0 Fiori Capabilities: Part 1

Jay Gohil

Director - Business Platform Transformation

Natalie Woo

Senior Manager - Business Platform Transformation

Views
Larger Font
4 minutes to read

In this two-part blog (see Part 2 here), we highlight how to improve the customer experience around SAP GRC apps using SAP Fiori. We also look at some of the benefits to consider when thinking about modernizing and maturing the processes and technology which support access governance of SAP applications.

An improved customer experience

C-suite executives are increasingly investing in technologies that focus on improving customer experience and gaining customer trust. While most of the discussion has been on improving the experience to drive revenue growth, why can’t we also apply these strategies to SAP access governance? The most common SAP GRC Access Control customers would include managers, auditors, owners/approvers, functional support team members and potentially all SAP end-users. While these customers have been interacting with the application through a web-based interface, the design and usability is long overdue for a refresh.

Fiori

With the introduction of S/4HANA, Fiori Launchpad has become the user-centric entry point to perform business activities. The Fiori interface design provides end-users a simplified and consistent view for the application using Fiori Apps and the Fiori design framework. As part of this new design shift, SAP has extended these Fiori design principles into the latest version of SAP GRC 12.0.

To take it a little deeper: Fiori is a web-based user interface (UI) layer; it separates the front-end interface from the back-end application. Fiori provides a consistent and modern UI across any platform by which end-users are no longer required to memorize SAP transaction codes to access the application. An end-user can simply search for an app by keywords and the results display instantaneously. Since Fiori is an adaptive web-based UI, the end-user can now access the application via their mobile devices, which completely changes the traditional way of accessing SAP applications.

Access Control 12.0 Fiori apps

In SAP GRC Access Control 12.0, SAP delivers a set of standard GRC Fiori apps. Below, we explain the different types of Fiori apps and where to locate additional information about them.

There are multiple types of Fiori apps and each are defined by their underlying technology design. Within Access Control, two main types of Fiori design principles are utilized. The first is what we might refer to as native Fiori apps, which are based on the use of oData services. The alternative app type leverages the use of the existing services from the backend with an updated interface or Fiori-like apps.

Native Fiori apps for Access Control

Several Fiori apps have been designed from the ground up using the latest frameworks and are delivered by SAP as a starting point for organizations to update their SAP GRC experience. The details of the SAP-delivered apps can be found in the SAP Fiori Apps Reference library. The apps which are related to SAP GRC Access Control are noted in the table below and grouped by type:

These apps are a starting point for organizations to begin transitioning towards a more mobile-friendly and modern user experience. They should be evaluated to understand the fit within existing processes and any potential gaps or challenges that should addressed (fit-gap analysis). For example, a recent client discussion uncovered a requirement to allow users to submit requests for firefighter IDs (emergency access IDs) via mobile devices. After evaluating the Request Access app, the client determined this was a gap which required additional evaluation. Therefore, challenges should be expected and planned for when deploying Fiori apps within the organization.

Fiori-like experience

In addition to the true Fiori apps, the latest version of Access Control allows clients to enable Fiori apps within the Fiori Launchpad which link the user to the existing Access Control applications and services (e.g., WebDynpro applications). These Fiori-like apps bring the existing applications into the Fiori UI, leveraging existing screens and behavior but with an updated theme for a much-needed makeover to a more modern user interface design (moving from the SAP Corbu theme to SAP Belize). These apps are not native Fiori applications, and therefore will not be found within the online SAP Fiori reference library. A couple of examples of the change are shown in the screenshots below.

 

 

In Part 2 of this blog, we’ll continue this review and expand on the security considerations when leveraging Fiori.

To learn more, contact us or visit Protiviti’s SAP consulting services.

Was this article helpful to you?

Thanks for your feedback!

Subscribe to The Protiviti View Blog

To face the future confidently, you need to be equipped with valuable insights that align with your interests and business goals.

In this Article

Find a similar article by topics

Authors

Jay Gohil

By Jay Gohil

Verified Expert at Protiviti

Visit Jay Gohil's profile

Natalie Woo

By Natalie Woo

Verified Expert at Protiviti

Visit Natalie Woo's profile

No noise.
Just insights.

Subscribe now

Related posts

Article

What is it about

The upstream oil and gas industry is characterized by complex operations and significant financial transactions. SAP S/4HANA supports these operations...

Article

What is it about

Growth is good. But too much of a good thing can present challenges to any well-established business. In this case,...

Article

What is it about

SAP Datasphere, previously known as SAP Data Warehouse Cloud, represents a significant evolution in data management and analytics solutions offered...