About 'SAP Authorizations Logic, where did it all go wrong?', e-book, published on 19 Dec. 2014
It was really a very nice and fast reading and simple and easy to understand.
25 Feb. 2015 | Piyush Jain, eBusinez.net, India.
Thank you for the article. It was an eye opener. I have learnt one or two things useful things regarding CSI versus SAP GRC – Most clients we audit have SAP GRC and they sometime do not understand why we still insist on running CSI. To them, as long as they have SAP GRC then they think all their authorisation issues are solved.
11 Feb. 2015 | Charles Chavula, Manager at Sizwe Ntsaluba Gobodo, South Africa.
(...) I must say I was impresssed by the quality of your work. (...) It really helps in understanding the SAP authorization logic and the "plane" example was really smart! (...) Thanks again for your contribution to the SAP security world.
4 Feb. 2015 | David Métivier, Senior IT & IS auditor at Sodexo, France.
I recently read your ebook. It is very well written and conveys the unique advantages of the CSI approach versus SAP GRC.
03 Feb. 2015 | Aman Dhillon, SAP Security Architect, Layer Seven Security, ON USA.
Goed verhaal, leuk en interessant vergelijkend warenonderzoek ook in het 2e deel ;-)!
Red. (freely translated) Great story, nicely brought and interesting comparison study of the solutions on the market.
28 Jan. 2015 | Harold Ulijn, Senior SAP Consultant at The Future Group, The Netherlands
I enjoyed your paper and agree with you. It seems most SAP security folks just follow what was done before them and really have no idea of the details or the reason they build roles as they do and spend too much time at just looking at the Tcodes.
28 Jan. 2015 | Clark Greenshields, Security Managing Consultant at IBM, USA
Many thanks for this very clear document. I find that it would be a good reminder of some basic principles about authorisations and is also very useful in explaining how GRC reports conflicts.
28 Jan. 2015 | Sophie Lane, SBS Compliance & Risk Management at Solvay, United Kingdom
I read the e-book and I found it quite interesting. Especially the examples at the end and the comparison between GRC and CSI.
27 Jan. 2015 | Iraklis Kanavaris, CISA, Assisstant Manager at KPMG, Greece
Initial read and my thoughts are along the lines of what others have found.
The first 8 pages explains the complexity of SAP security very well, especially to project managers or leads that don't have a solid understanding of SAP security.
Thank you so much.
27 Jan. 2015 | Alexander Le, SAP Security Consultant at Goodman Fielder Ltd., Australia
Yes, I l think the e-book is worthwhile to read.
26 Jan. 2015 | Richard Vermeulen, Internal Audit Lead Manager, JT International, Netherlands
Really nice e-Book. Thank you for sharing
24 Jan. 2015 | Daniel Jørgensen, Manager IT Advisory at KPMG Denmark
BTW very interesting reading :)
non-academic (I like) and close to the field practice ( I like as well)
24 Jan. 2015 | Sinot Eric, Security Expert at Bluewin Switzerland
Congratulations for the book, it´s very important to keep he community up-to-date with security issues.
24 Jan. 2015 | Mauricio Fiss, Partner at ICTS Protiviti Sao Paulo, Brazil
Was a good read indeed with some nice historic information which most of us who are only around as of ECC6 let's say do not really realize.
23 Jan. 2015 | Johan Cosyns, Senior Consultant at axl & trax, Belgium
Very interesting ebook! A must-read.
21 Jan. 2015 | Philippe Herau, CIO at Impalium - Belgium
I read this document "SAP Authorizations Logic, where did it all go wrong?" available on the website of you. Very good. (...)
Well detailed. Commendable.
4 Jan. 2015 | Rafael Fontoura, SAP Netweaver Administrator at BasisIT Consulting - Brazil
This should be required reading for everyone involved in security. Thanks for posting!
31 Dec. 2014 | Liz O'Sullivan, SAP Security and Controls Expert at Swisscom IT Services - Switzerland
I downloaded and read "SAP Authorizations Logic, where did it all go wrong?"
Very basic & very clear document!
Thank you for that.
30 Dec. 2014 | Jaap van der Meer, Teamlead CG Security & Authorization at Philips IT Application - The Netherlands
Very interesting article and a heads up for all working with authorization...
30 Dec. 2014 | Geir Sommerset, Enterprise Architect at Forsvaret - Norwegian Armed Forces - Norway