No more typing reviews! Try our Samantha, our new voice AI agent.
SAP Access Control Logo

SAP Access Control Reviews

Vendor: SAP
3.8 out of 5
Leave a review

What is SAP Access Control?

SAP Access Control helps organizations manage user roles and access permissions effectively, ensuring compliance with regulatory requirements through automated processes and risk analysis.

Get the Access Management Buyer's Guide and find out what your peers are saying about SAP Access Control, Microsoft Entra ID, Cloudflare One and more!
SAP Access Control is the #17 ranked solution in top Access Management solutions. PeerSpot users give SAP Access Control an average rating of 7.6 out of 10. SAP Access Control is most commonly compared to Microsoft Entra ID: SAP Access Control vs Microsoft Entra ID.
Buyer's Guide
Access Management
May 2026
Get the category report
Helped 900,277 peers since 2012

SAP Access Control mindshare

As of June 2026, the mindshare of SAP Access Control in the Access Management category stands at 0.9%, up from 0.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Access Management Mindshare Distribution
ProductMindshare (%)
SAP Access Control0.9%
Microsoft Entra ID12.1%
Okta Platform11.1%
Other75.9%
Access Management
 
 
Key learnings from peers

Valuable Features

  • "Having one tool to populate many systems for one user is one of the most beneficial aspects of the product, along with the audit part."
  • "It is an SAP product, so it integrates very well with other SAP products."

Room for Improvement

  • "Because it took time to get advice on a tricky issue, the support from SAP could be better."
  • "It would be better if we could also manage other systems with it. Currently, you have to purchase plugins for it to work with other non-SAP systems. It would be good if there is an easy way to integrate SAP Access Control with other non-SAP systems."

Pricing

  • "It is a part of our package with SAP. There is no extra cost in addition to the license."
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Access Management Buyer's Guide for additional reliable information.

Compare SAP Access Control with alternative products

Go!

Learn more about SAP Access Control

This solution offers robust access management by providing tools to automate and streamline the assignment of permissions, reducing risks associated with unauthorized access. It integrates with existing systems to detect access violations and segregate duties, thus enhancing security and compliance. Users can establish workflows for role assignments, mitigating risks and maintaining audit standards, which is crucial in today's data-driven environments.

What features does SAP Access Control offer?
  • Automated Risk Analysis: Quickly identifies potential risks in access permissions.
  • Segregation of Duties: Ensures incompatible roles do not conflict, providing a clear division of responsibilities.
  • Workflow Management: Streamlines role assignments with customizable approval processes.
  • Continuous Compliance Monitoring: Provides ongoing oversight to ensure regulatory compliance is maintained.
  • Real-Time Alerts: Notifies of any access violations, improving response times.
What benefits or ROI should users consider?
  • Improved Security: Minimizes risks associated with unauthorized data access.
  • Compliance Assurance: Helps maintain adherence to regulatory requirements.
  • Time Efficiency: Reduces manual workload through automation, enhancing productivity.
  • Cost Effectiveness: Lowers the potential for costly breaches and compliance fines.
  • User Accessibility: Simplifies access management for administrators.

SAP Access Control is versatile across industries such as finance, healthcare, and manufacturing, where sensitive data protection is paramount. In finance, it ensures compliance with stringent regulations like SOX. In healthcare, it protects patient information, while in manufacturing, it safeguards proprietary data. Its implementation adapts to industry-specific requirements, providing tailored access and compliance solutions consistently.

Related questions

  • 314
What are the Top 5 cybersecurity trends in 2022?
  • 85
What are some tips for effective identity and access management to prevent insider data breaches?
  • 149
What are your best practices for Identity and Access Management (IAM) in the Cloud?
  • 44
What are security features to look out for when choosing a Customer Identity and Access Management solution?
  • 80
Why is identity and access management (IAM) so important in preventing data breaches?
  • 112
What access management tools would you recommend to help with GDPR compliance?
  • 44
When evaluating Access Management, what aspect do you think is the most important to look for?
  • 152
Which is the best choice of Zero Trust Network Access (ZTNA)?
  • 49
What are some tips for managing the identity lifecycle securely and effectively?
  • 164
What is the difference between IDAM , PIM and PAM?

Product Categories

Product Categories
Access Management

Popular Comparisons

Popular Comparisons
Microsoft Entra ID vs SAP Access Control Logo
Microsoft Entra ID vs SAP Access Control
Cloudflare One vs SAP Access Control Logo
Cloudflare One vs SAP Access Control
See all alternatives
 
SAP Access Control Reviews Summary
Author infoRatingReview Summary
Sap Its Workstream Manager at a energy/utilities company with 10,001+ employees4.0I've used SAP Access Control for around ten years, and it effectively manages user access and risk across multiple systems, though it's complex to configure and occasionally unstable; overall, it's valuable and I’d rate it eight out of ten.
Sr. Manager - SAP Authorization & Complaince at a pharma/biotech company with 1,001-5,000 employees3.5I use SAP Access Control for user provisioning and risk identification. It integrates well with SAP products and is stable. My main concern is integrating with non-SAP systems without extra plugins. Overall, I recommend it and rate it 7/10.
reviewer2129061 - PeerSpot reviewer
reviewer2129061
Sap Its Workstream Manager at a energy/utilities company with 10,001+ employees
Jan 20, 2026
Centralized access control has improved risk detection and streamlined multi-system user provisioning

What is our primary use case?



The major use case for SAP Access Control is to create an end-user account, and the second purpose is to check the Separation of Duties risk and the risk on our roles and authorizations.


Having one tool to populate many systems for one user is one of the most beneficial aspects of the product, along with the audit part. When using Firefighter, we could have information about what a user modified or did in production because we sometimes have to use an SU01 transaction, so in that case, we use Firefighter. The main benefit for me is that it is a global system to manage the user in many systems, and also the assessment of risk with GRC.


What is most valuable?



Having one tool to populate many systems for one user is one of the most beneficial aspects of the product, along with the audit part. When using Firefighter, we could have information about what a user modified or did in production because we sometimes have to use an SU01 transaction, so in that case, we use Firefighter. The main benefit for me is that it is a global system to manage the user in many systems, and also the assessment of risk with GRC.


We are using Access Request to onboard people.


I see some potential improvements for stability because sometimes we do not know why the approval workflow of GRC stops in the middle. When we have a look in GRC, we see that the validation is finished, but that is not the case. Sometimes, we have to check and relaunch GRC.


It helps in risk detection.


The benefits of SAP Access Control's user permissions management are measured through the reports in GRC.


Time savings are obvious. In one request, we are able to create a user in a different system, so it is a time saving. It is a money saving as well because the access manager spends less time creating a user in a different system.


What needs improvement?



SAP Access Control is quite complex.


The complexity arises because we need a GRC specialist to set up the connection between GRC and the other system. We also spend time doing some specific configuration in GRC for the workflow. For example, to manage the workflow, we have to use BRFplus, which is not very easy to use, so this cannot be done by an end-user. We need technical people to do that, and people who know GRC well.


Because it took time to get advice on a tricky issue, the support from SAP could be better.


For how long have I used the solution?



I have been using SAP Access Control for maybe ten years already.


What do I think about the stability of the solution?



For the stability of the product, I would rate it around eight points.


I see some potential improvements for stability because sometimes we do not know why the approval workflow of GRC stops in the middle. When we have a look in GRC, we see that the validation is finished, but that is not the case. Sometimes, we have to check and relaunch GRC.


What do I think about the scalability of the solution?



As we are running GRC on-premises, I have no idea about the scalability of this product.


How are customer service and support?



Because it took time to get advice on a tricky issue, the support from SAP could be better.


I would give SAP support a rating of seven or eight.



How would you rate customer service and support?



Positive



Which solution did I use previously and why did I switch?



I have not worked with something else from another vendor. Currently, we are starting in BTP, in SAP BTP, so we are starting to use manual creation in SAP BTP, but no other solution from vendors.


What other advice do I have?



We do work with some other SAP products. We are using SAP Access Control with the GRC Access Control product.


We are also using the module for Separation of Duties and the Firefighter module.


It is a good feature, and I see a benefit from it.


I am not the one who is responsible for this risk analysis, but I know the feature. Prior to modifying a role or a right for people, we could do a test to see if we will have a risk to modify or not before we modify the role and assign the new role to the people. Also, every year or two times a year, we do a periodic control to audit the risk on people, and it is useful to manage this.


I have not heard about any small problems from my colleagues.


I have no idea about the pricing because this is included in our global SAP contract. We have an amount for the contract, and this does not detail the price of GRC in this amount.


We bought all of our SAP products from SAP.


I would rate this product eight out of ten overall.


Which deployment model are you using for this solution?



On-premises
reviewer1444647 - PeerSpot reviewer
reviewer1444647
Sr. Manager - SAP Authorization & Complaince at a pharma/biotech company with 1,001-5,000 employees
Dec 9, 2020
Automates our user provisioning process and integrates very well with other SAP products but needs better integration with non-SAP products

What is our primary use case?



We use it to automate our user provisioning process. It is used for managing access of SAP users; for example, they can do password reset or assign technical rules to themselves. It is also used for identifying risks.



What is most valuable?



It is an SAP product, so it integrates very well with other SAP products.



What needs improvement?



It would be better if we could also manage other systems with it. Currently, you have to purchase plugins for it to work with other non-SAP systems. It would be good if there is an easy way to integrate SAP Access Control with other non-SAP systems.



For how long have I used the solution?



We've been using it since 2016.



What do I think about the stability of the solution?



It is stable.



What do I think about the scalability of the solution?



It is scalable. We have around 1,000 to 2,000 users.



How are customer service and technical support?



I have used their technical support. It is through tickets that we raise any issues to global support of SAP. There are no problems with their technical support.



Which solution did I use previously and why did I switch?



We didn't have any other solution.



How was the initial setup?



It is pretty straightforward. 



What about the implementation team?



I didn't do it myself. Our servers are outsourced to a third party, so we just ask that third party to install the software.



What's my experience with pricing, setup cost, and licensing?



It is a part of our package with SAP. There is no extra cost in addition to the license.



What other advice do I have?



I would recommend this solution. We are going to keep using this solution.

I would rate SAP Access Control a seven out of ten.



Which deployment model are you using for this solution?



On-premises