SAP Access Control Upgrade and Migration Service

By the end of 2020, SAP will discontinue support and maintenance for SAP GRC versions 10.0 and 10.1. At that time, customers will be required to upgrade to version 12.0.

SAP Access Control 5.3 (VIRSA) was built on a technology that did not allow extensive customization. Fortunately, SAP improved that situation with versions 10.0, 10.1 and 12.0, all of which are based on SAP ABAP. 

However, certain features — such as improved firefighting, reporting, and user interfaces, as well as the integration of new technology such as HANA and Fiori — are only available with the two latest versions (10.1 and 12.0).

SAP Access Control Path from 5.3 to 12.0

Moving from version 10.0 to 10.1 to 12.0 is considered an upgrade, and SAP provides standard tools to support the process. But given the fact that version 5.3 uses different technology, customers need to define a migration path that relies on a proven methodology to reduce the risk of introducing data inconsistencies. 

By the end of 2020, SAP will discontinue its Access Control 10.x maintenance program and will assess consulting fees to any future support requests. As such, we recommend upgrading to version 12.0 as quickly as possible.

More information can be found on the Product Availability Matrix (PAM).

Can I upgrade to SAP Cloud Internet Access Governance (SAP Cloud IAG)?

SAP Cloud Identity Access Governance (SAP Cloud IAG) is a cloud service from SAP Cloud Platform (SCP) that offers a range of identity and access management capabilities, such as self-service access requests for on-premise and cloud applications, access risk analysis, role design and more. Each of the services can work independently or in combination.

SAP Cloud IAG offers similar functionality as, but does not replace, SAP Access Control. As such, there is no direct upgrade path. 

However, you can integrate SAP Cloud IAG with your SAP Access Control solution through the SAP Cloud IAG Bridge in order to also leverage on-premise capabilities in the cloud.

What Do You Get With Our Upgrade and Migration Service?

The latest release provides a broad range of new functionalities and improvements, which we will combine and adapt to your organization’s requirements. 

Here’s what you can expect:

Our Service Offerings

Our proven methodology guides you from project kickoff to the after-go-live support phase. Each step in the project is outlined and supported by tools and checklists that provide a smooth transition to the new system. Plus, we will activate any additional functionality that you require.

In addition to setting up a new system, our service will also ensure the audit-compliant phaseout of your old system. But even after the go-live period, Xiting can support you in the operation of your new GRC landscape on an on-demand basis. 

Our Approach

Our company was founded in 2008, and since then we have implemented multiple SAP Access Control systems and SAP authorization concepts. We understand both your technical needs and the business and regulatory requirements, and have developed an approach that takes all of this into account.

Our approach is tailored to your needs and split into four phases, from “Assess & Design” to “Operate & Support.” We will implement the functionalities you’re currently using as well as new functionalities as defined in the business blueprint. You will enjoy a smooth transition to a new system tailored to your needs.

Our Service Approach

Upgrade and Migrate Your SAP Access Control System With Confidence

To meet the various compliance requirements (ICS, SOX and FDA, for example) and guidelines on enterprise-wide rights and access control, you need an optimized and automated solution. Implementing the SAP Access Control software solution will address those needs.

SAP Access Control is designed to make sure that access to your business-critical data in SAP is secured and segregated to meet compliance and regulatory requirements.

Risk-free upgrade and migration

2020 marks the end of the life cycle for SAP GRC Access Control 10.x. New functionality is primarily being developed for SAP Access Control 12.0. Over the last few years, many companies have implemented SAP Access Control to protect their information assets by managing SAP authorizations effectively and reliably. 

SAP is steadily developing its GRC portfolio, adding new and improved functionality to bring more value to its customers. Our SAP GRC upgrade and migration service is a proven and reliable solution that enables you to bring your SAP Access Control system to the next level.

Your journey with us

Upgrading your SAP Access Control system will give you immediate benefits, but it will also prepare you for your future journey.

Upgrading your system will empower you to extend the limits and functionality of your current SAP Access Control solution, ensuring smooth integration with new SAP solutions like Fiori, HANA, and Cloud applications. It will also provide a more intuitive interface and better reporting capabilities. 

Xiting is prepared to accompany you on your journey. Thanks to our extensive network, you’ll always be up to date on the latest trends and best practices. 


What modules come with SAP Access Control 12.0?

SAP Access Control 12.0 consists of the same modules as previous versions. The solutions consist of the Access Risk Analysis (ARA) for risk assessment, Access Request Management (ARM) for workflow-driven provisioning, Emergency Access Management (EAM) for firefighting (Firefighter), and Business Role Management (BRM) for enterprise role management.

Does SAP Access Control 12.0 offer a ruleset for SAP S/4HANA and SAP Fiori?

If you have SAP S/4HANA, and/or SAP Fiori apps, you can activate the provided BC Sets to enhance the ruleset with segregation of duties (SOD), critical permission and action risks. That enables Access Risk Analysis to include and identify violations for SAP S/4HANA and the SAP Fiori apps for proper risk management. We recommend upgrading to the highest support pack to get the latest rules.

Do you require SAP Fiori with GRC 12.0?

Fiori is the new standard interface in GRC 12.0 solutions, replacing (and enhancing) the traditional SAP GUI and Netweaver Business Client (NWBC). While SAP has enriched the user experience with Fiori, it is not a requirement to upgrade. NWBC and the SAP Portal are both still supported in GRC 12.0 solutions. The primary benefit of SAP Fiori is that it provides users with a central location for all their applications and activities. If you decide to move ahead with SAP Fiori, you will need SAP UI 7.52 SP02.

Can you integrate SAP Access Control with cloud solutions like SAP SuccessFactors, SAP Ariba, etc.?

The most significant new functionality in SAP Access Control 12.0 is the integration of cloud solutions like SAP Ariba, SAP Concur, SAP Success Factors, and S/4HANA Cloud. One requirement for cloud integration is the use of SAP Cloud Internet Access Governance (IAG). Learn more about SAP Cloud IAG here: 

Can you analyze risks in SAP HANA?

SAP Access Control allows you to manage access and risk analysis for SAP HANA database-based authorizations to support SAP HANA Performance Applications and SAP HANA Business Analytics.

Alessandro Banzer

Get in touch with us!

Do you have questions about our products?

+41 43 422 8803
[email protected]
+49 7656 8999 002
[email protected]
+1 855 594 84 64
[email protected]
+44 1454 838 785
[email protected]

Attend our live webinars and learn more from our experts about SAP authorizations, XAMS, SAP IDM and many other topics in the context of SAP security.

Register now