GDPR & ComplianceNow
ComplianceNow supports many of the tasks related to GDPR. GDPR is about handling the internal and external personal data processed by SAP and ensuring appropriate control over the data identified as GDPR critical. Preparing your company for GDPR may have an impact on your user and role concept. Your roles, the combination of the roles assigned to the users, and the present governance structure for role and user maintenance may need to be redesigned or extended. This is where ComplianceNow can assist you in your GDPR journey.
ComplianceNow can assist you with an analysis of your present situation by giving you a clear picture of what is used and what is not used. Such a usage analysis can help you narrow down the potential work associated with adjusting your authorisation concept to support the requirements of GDPR. GDPR is not only about getting GDPR ready but also about finding a method to stay GDPR compliant. With our preventive Access Control module, you can, along with your SoDs, handle your critical GDPR access in the user provisioning and role design. The reporting engine and the dashboard will support you in working with your legacy risks as well as help you document trends of critical GDPR risks.
If your GDPR readiness requires changes to your existing roles or perhaps even a full role redesign, we can assist you with executing your role test faster, with better quality, and without a heavy impact on either the compliance team or the business users. Our Emergency User Access module can assist and document the process of handling emergencies in the productive system with the aim of eliminating any use of non-documented and non-controlled use of SAP_ALL in the productive system.
Using Access Control in conjunction with Usage Monitor can assist you in the preventive work of your GDPR compliance process. In addition, if you experience a need to investigate the level of access and usage, the tools can provide you the information within minutes. Narrowing down the area of analysis will speed up the process of getting answers and save you important time. This will give you a lead in the preventive GDPR work as well as allow you to react quickly when required.
We do not claim to have a complete remedy for your GDPR issues. GDPR is like a spider’s web touching multiple technologies and governance structures within your organisation and will most likely require a multi-vendor strategy. ComplianceNow can assist you in monitoring privileges, analysing risks, maintaining roles, and managing access.