Use Case Summary
This demo focuses on how Business Process Owners (BPOs) and Subject Matter Experts (SMEs) use CERPASS to analyze user access risks, manage controls, and fine-tune the risk rule set to align with specific SAP business processes.
✅ Access Profile
BPO and SME users are granted access to both dashboards/reports and configuration elements such as the Business Controls and Risk Rule Set—allowing them to take action directly within their process scope.
✅ Dashboards & Reports: Actionable Risk Insights
BPOs and SMEs access the same intuitive dashboards introduced in the C-suite view—but with deeper interactivity:
-
Process-Focused Views
Identify users, roles, and subprocesses contributing to risk in specific business areas. -
Drilldown Reports
Every report screen allows drill-down into:-
Specific violations
-
Affected users and roles
-
Severity by subprocess, user group, or frequency of system use
-
🔎 Use this insight to redesign access or apply mitigating controls.
✅ CERPASS Enables BPO/SME Users To:
| Awareness & Analysis | Action & Control |
|---|---|
| Identify inherent risk in business roles | Apply mitigating controls directly from reports |
| Understand risk by subprocess, user group, severity | Customize risk rule sets with guided wizards |
| Gain visibility into ‘has-run’ (transaction/app usage) data | Adjust roles or access to reduce future risk |
| Pinpoint core risk areas in SAP processes | Align SAP access with process ownership responsibilities |
✅ Outcome
CERPASS empowers BPOs and SMEs with the visibility and tools they need to:
-
Own and mitigate risks in their business processes
-
Collaborate with security and audit teams
-
Keep SAP access clean, compliant, and well-governed