Xella manufactures and markets building materials, gypsum fiberboard and cement-bonded dry lining panels together with lime and limestone under the brand names Ytong, silka, mulipor, hebel and fermacell.
A reorganization of Xella’s SAP authorization concept was necessary because of audit issues in 2007/2008.
In the reorganization project, Xella chose to keep an active role to gain knowledge about the tooling and methodology. At Xella, they're now able to fully maintain the authorization concept themselves; CSI Role Build & Manage supports the authorization maintenance.
“I would always suggest a company to use CSI tools, get skilled and trained in the methodology of the authorization concept and in using the tools rather than just being consulted. With this knowledge you can maintain the authorization concept yourself and keep it compliant after the project is finished."
CSI Accelerator, now CSI Role Build & Manage, was used together with axl & trax‘s SOD-free SAP single roles to speed up the reorganization process. "It was from the very beginning relatively good understandable that the authorizations are built in blocks. The function-tasks concept". Every task a user performs corresponds with a single role in a SAP system. The function of a person (the combinations of tasks), corresponds with a composite role in a SAP system. “Because of this concept, the organization had a good understanding of the authorizations. They see their own descriptions in job roles and they know what their authorizations are”. Over the years, Xella is still very satisfied with this concept and continues using the role build and management tool, because it is very easy to maintain changes. For example, to make organizational changes, you only have to adjust the organization structure in the tool and it will generate the roles for you. The function-tasks concept is very stable and is implemented in the other SAP systems by Xella herself. New system lines were implemented with the authorization concept and audit did not have remarks about this concept.
Xella is in the process of redefining the Segregation of Duty (SOD) procedures using axl & trax’s predefined SOD conflicts rule set. These procedures are implemented together with the (client and web based) role- and user change requests functionality of CSI Authorization Auditor.
“We have built up a very good cooperation and partnership with the SAP security company axl & trax and CSI tools", says Frank Haertwig.