Quickly design SoD-free roles based on usage data using a drag-and-drop cockpit.
Xiting Role Designer
Role Designer enables role administrators to design new roles in a drag-and-drop cockpit virtually and to simulate what-if scenarios through virtual role assignment.
Role Designer can also test those new roles against segregation of duties (SoD) conflicts and other issues, either against SAP Access Control (GRC) or XAMS’s internal risk framework. If you are planning on migrating your ECC system to SAP S/4HANA, the Xiting Role Designer can instantly migrate your existing roles, saving you months of manual labor.
SAP users are often over-authorized. But doing a manual trace analysis to determine what authorization users need is cumbersome, time-consuming and error-prone.
Often, there is no transparency of which roles are most suitable for a missing authorization and which organizational structures the user belongs to.
Another challenge is anticipating SoD conflicts. Identifying SoD conflicts can often only be done during role assignment, and if issues are found, the affected roles have to be updated in a development environment before being transported back to production – a resource-consuming process.
With Role Designer, you can evaluate the user’s historical usage data and, in combination with best-practice role templates, create a suitable authorization concept for your users that is based on the least-privilege principle. That ensures that all your users are properly authorized but without too far-reaching permissions.
Even during the role design phase, and before the roles are created in the profile generator (PFCG), you can analyze all roles for critical authorizations. Additionally, you can simulate the impact of role changes on end-users in real-time.
Role Designer also dramatically shortens the test phase of the roles, since significantly fewer corrections have to be made. Furthermore, Role Designer replaces the cumbersome spreadsheets that are often used in classic redesign projects.