Our platinum partner axl & trax published a nice case study how the French Blood Service l"Etablissement Français du Sang (EFS) used CSI tools to audit and rework its role design into a new role concept.
(...) Johan believes that the challenge of SAP security is first to really understand how it works. CSI tools give its customers guidance to simplify the complexity by splitting it into two layers (...)
Every single day, successful companies are reinventing themselves, resulting in constantly assessing their risk exposure by finding inconsistencies in what people are allowed to do, can do, did and can almost do. CSI tools have developed dynamic analytics tools that deliver intelligence from and to decisions taken in identity and access governance for SAP environments.
http://www.insightssuccess.com/csi-tools-pragmatic-solutions-for-sap-security/
Business is all about change. Change is the single greatest GRC challenge today. Organizations do not operate in a static environment that slowly evolves; today’s organization is in a continuous state of change. Consider employees in context of their access to critical business systems: new ones are hired, others change roles, and still others leave or are terminated. In the context of change, internal controls over financial reporting, regulatory requirements (e.g., SOX), internal and external auditors, and fraud risk put increased pressure on corporations to ensure ERP systems are secure and access control risks are managed in the context of a dynamic business environment.
By adding the right Access Control components to their SAP infrastructure, organizations can significantly improve enterprise risk management and corporate compliance with applicable laws and regulations.