What needs improvement with SAP Customer Identity and Access Management?


Please share with the community what you think needs improvement with SAP Customer Identity and Access Management.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
11 Answer

author avatar
Top 10Real User

The automated provisioning only works well with the SAP products and there are some problems with the non-SAP products. Even if it is SAP, if it is a non-ABAP system, it is a little bit problematic. We find it hard to translate things into the SAP world. SAP has introduced IAG, Identity Access Governance. That piece does the risk analysis, as far as I know, however, the IAM doesn't do that. The risk analysis is doing the checks of whether you have access to set up things which have conflicts, like creating an employee and paying the employee. That kind of access. The IAM is basically not doing the same kind of checks as the IAG. I have heard that IAG can do risk analysis, however, what we have done at one client is we have the IAG management solution from SAP, and then it was tied to a solution of SAP called GRC, GRC Access Control, and then we were running the risk analysis from there. There are multiple levels of interfaces involved, it's not a one-stop solution. It is overly complex. You have to interface IDM with SAP and GRC, and then GRC will check into the actual plugin system. Due to the fact that it is multiple levels of interface that you need to deal with, sometimes, if something fails, it's very hard to troubleshoot. You do need to be knowledgeable about the solution. It's not a good product for beginners, especially in terms of deployment.

Find out what your peers are saying about SAP, Ubisecure, Omada and others in Customer Identity and Access Management. Updated: September 2021.
535,544 professionals have used our research since 2012.