Monitoring and controlling  role design within business systems is a vital part of maintaining a clean status of your SAP systems. Whilst it is often an IT function to build appropriate authorisations, it is important to encourage business ownership wherever possible.

Using Business Role Management (BRM), the technical authorisations can be expressed in terms of Business Roles and aligned to jobs which the business can easily understand. BRM also aids the actual role build process by providing a flexible methodology which encourages good practice and drives consistency and efficiency across your Enterprise System landscape.


At Turnkey Consulting we have significant experience in Business Role Management for Enterprise Systems. We understand both the operational challenges you face in designing and maintaining compliant roles and the tools available to solve them.

Our SAP Security and GRC specialists bring the benefits of their wealth of experience in both auditing Enterprise systems and operating access management solutions throughout a number of industry sectors. Working with your in-house teams, we leverage our experience and deployment accelerators for your industry sector and specific solution landscape as well as our understanding of common requirements for Role Build processes. We then help you to configure the tools available to manage these risks in your systems.

The end-result is a Role Management solution that:

  • Reduces the operational costs of SAP role build
  • Supports business ownership of security and risk
  • Incorporates SoD compliance checks in role build processes
  • Enforces consistency in role documentation
  • Supports your corporate risk management objectives
  • Meets the requirements of both internal and external audit


We recognise that in order to keep your solution free of SoDs it is important to embed business ownership of security into your organisation. Our approach focuses on business engagement throughout to ensure that your business develops both the tools and the mindset required to keep your systems clean of SoDs.

Our approach to implementing the various tools available reflects our technical expertise in SAP GRC, SAP Security and SAP Auditing. We combine this with a strong understanding of what is required to manage a compliant role design which supports appropriate business process controls and avoids the operational challenges of role maintenance. We can use these experiences to help your company find the right balance between giving staff the access they need to do their jobs and closing the real security gaps that put your business at risk.