Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Managaement
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Partners
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social Responsibility
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Careers
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Blogs
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
FAQs
We've put together a comprehensive list of frequently asked questions - along with our responses - to the most common GRC and SAP security issues.
18 February 2019

Managing SAP's automated access termination process

Companies across the globe all face similar issues when it comes to effectively managing the termination of access to IT applications when an employee/contractor has the left the organisation. 

It is not uncommon to find terminated users who are inconsistently managed across the environment, for example; a terminated user who is both valid and unlocked; a user who is locked but is valid; a user who is unlocked but is invalid; or a user who is assigned to the group terminated but is neither locked or valid.

Often the system that manages employment status and validity (employee source of truth) is independent of the systems performing access management, which can cause a disconnect in the termination process if the two systems are not integrated. This regularly leads to ongoing audit issues and a lot of manual effort to manage.

The video below illustrates a use case of an organisation who is looking for an automated way to address this concern in their IT landscape.

 



The companies Active Directory system is the source of truth for employees and the subsequent network account disablement of users is independent of the SAP account disablement process, which often leads to an inconsistent treatment of user access and terminated user accounts left open.

The company leverages their SAP GRC Access Control tool and integrates this with their ITSM tool ServiceNow to automate the termination of users, based on AD account termination events to provide a consistent and automated way of managing the user termination process.

So that's a quick overview to help you manage this process effectively.

 



How integrating SAP IDM and SAP GRC can help your business twitter banner

 

About Turnkey

Turnkey Consulting is helping to make the world a safer place to do business by specialising its expertise across Integrated Risk Management, Identity and Access Management, and Cyber and Application Security. We provide business consulting, technology implementation and managed services to help customers safeguard their application environments - protecting critical ERPs (such as SAP, Oracle and MS Dynamics) and wider enterprise systems.