This demo focuses on how Business Process Owners (BPOs) and Subject Matter Experts (SMEs) use CERPASS to analyze user access risks, manage controls, and fine-tune the risk rule set to align with specific SAP business processes.
BPO and SME users are granted access to both dashboards/reports and configuration elements such as the Business Controls and Risk Rule Set—allowing them to take action directly within their process scope.
BPOs and SMEs access the same intuitive dashboards introduced in the C-suite view—but with deeper interactivity:
Process-Focused Views
Identify users, roles, and subprocesses contributing to risk in specific business areas.
Drilldown Reports
Every report screen allows drill-down into:
Specific violations
Affected users and roles
Severity by subprocess, user group, or frequency of system use
🔎 Use this insight to redesign access or apply mitigating controls.
| Awareness & Analysis | Action & Control |
|---|---|
| Identify inherent risk in business roles | Apply mitigating controls directly from reports |
| Understand risk by subprocess, user group, severity | Customize risk rule sets with guided wizards |
| Gain visibility into ‘has-run’ (transaction/app usage) data | Adjust roles or access to reduce future risk |
| Pinpoint core risk areas in SAP processes | Align SAP access with process ownership responsibilities |
CERPASS empowers BPOs and SMEs with the visibility and tools they need to:
Own and mitigate risks in their business processes
Collaborate with security and audit teams
Keep SAP access clean, compliant, and well-governed