2020-01-16T17:46:00Z

Which is the best legacy IDM solution for SAP GRC?

I have more than seven years of experience working at a bank. 

We bought SAP GRC that came with SAP IDM. Should we leverage SAP IDM and customize it for legacy or should we acquire a specialized legacy IDM solution? Which is the best option and which solution would you recommend?

Thanks! I appreciate the help.

MM
IT Analyst at a financial services firm with 1,001-5,000 employees
  • 6
  • 68
Share
6
PeerSpot user
6 Answers
WB
Business Consultant Identity & Access management at a government with 1,001-5,000 employees
User
2020-01-20T15:11:04Z
Jan 20, 2020

I would always prefer a specialized IDM solution with OOB connectors to legacy systems and SAP instead of customization of SAP IDM. Most IDM tools are capable of doing role reviews, have SOD tables, and are capable of provisioning and de-provisioning legacy systems without customization. Without knowing what your functional requirements are with regards to IDM I would suggest Okta or Sailpoint.

Like(1)
Reply
Search for a product comparison in GRC
Go!
MP
Senior Product Manager for Identity & Access Management at a non-tech company with 10,001+ employees
Real User
2020-01-20T21:13:52Z
Jan 20, 2020

I have experience with SAP IDM for SAP only and not for other systems. That said, the recommendation would depend on a much more detailed analysis and also a list of which “legacy” systems they have to integrate.

Like(1)
Reply
JS
Account-Manager at a tech vendor with 201-500 employees
Real User
2020-01-20T14:30:36Z
Jan 20, 2020

SAP IDM is a powerful tool if you stay within the „SAP ecosystem“ if you have a lot more applications and target systems to connect you should definitely look into a a full comprehensive IDM solution like Omada. Gartner’s rated Omada as a top vendor for governance needs

Like(1)
Reply
SM
Education Director at ID Integrated Data SA
Real User
Leaderboard
2020-01-20T13:57:06Z
Jan 20, 2020

I’m definitely not an expert in SAPG GRC but I can do some research if I have more details about the request. What are the requirements, what does he want to do?

Like(1)
Reply
JC
VP Channel & Alliances at Ubisecure
Vendor
2020-01-20T12:43:36Z
Jan 20, 2020

You could consider Ubisecure for external IDM needs and Omada for internal external.

Like(1)
Reply
it_user1123740 - PeerSpot reviewer
Shaw Communications at a comms service provider with 10,001+ employees
Real User
2020-01-20T02:54:29Z
Jan 20, 2020

If you are looking for an SAP Certified IAM solution then I suggest One Identity’s Identity Manager product.

Like(1)
Reply
Buyer's Guide
AuditBoard
May 2023
Free Report: AuditBoard Reviews and More
Learn what your peers think about AuditBoard. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
DOWNLOAD NOW
708,243 professionals have used our research since 2012.
Related Questions
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees
Dec 15, 2022
What is the difference between SOC 1, SOC 2, and SOC 3 compliance?
Hi community members, What are the main differences between SOC 1, SOC 2, and SOC 3 compliance? Thanks.
See 2 answers
CM
Car Detailer at Five Star Auto Sales
Sep 3, 2022
The difference is how the data is given and exactly what information of the that data is given. And I love that it answered so many questions simply. 
Read full answer
Akitra - PeerSpot reviewer
Marketing at AKITRA
Dec 15, 2022
SOC 1 is a financial audit report, SOC 2 is a security and controls report and SOC 3 report is similar to SOC 2 drafted to be presented to a general audience.
Read full answer
Terry Ramabulana - PeerSpot reviewer
Director at Skxprotiviti
Feb 24, 2023
What is your recommended automated audit software for internal and external audit?
Hi community members, I'm the Director of a Consultancy firm. At the moment, I'm looking for automated software for both external and internal audit purposes. It should be able to assist with governance, risk management and compliance (GRC). Which software/solution would you recommend? why?
2 out of 3 answers
EB
Director of Community at PeerSpot (formerly IT Central Station)
Mar 31, 2022
Hello @Alex Alexandre, @Carlos Arturo Quiroga Quiroga, @AdhishP, @Sameh Hablas , @Dani Bachour ​and @Vivek Shah, Can you please assist here? Thank you!
Read full answer
BS
Principal Consultant at Aligne Technologies
Nov 21, 2022
Hi Terry, You may want to look at MetricStream which is one of the market leaders in the Enterprise GRC space and apart from the various risk modules, also has Audit management software.
Read full answer
See all 3 answers
Related Articles
Liam Brandt - PeerSpot reviewer
User at Catalyic Consulting (Pvt.) Ltd
Mar 23, 2023
Governance Risk and Compliance: The Role of Cybersecurity Services Providers
What role does a cybersecurity services provider play in governance, risk, and compliance (GRC)? As businesses face more cyber threats in our digital world, they must manage risks, ensure compliance with regulations, and establish effective governance practices. Cybersecurity service providers help businesses to achieve their GRC goals. Governance, risk, and compliance (GRC) are critical fun...
See 1 comment
Remy Ma - PeerSpot reviewer
Network Security Services at ACE Managed Securty Services
Mar 23, 2023
Cybersecurity services providers are critical in helping organizations manage the complexities of governance, risk, and compliance (GRC). Cybersecurity services help organizations mitigate their risk from cyber threats by providing solutions such as incident response, vulnerability management, network security monitoring, and  Email Cloud Security. These services ensure organizations are able to comply with pertinent regulations, identify and address vulnerabilities, and protect the organization from malware attacks. Moreover, cybersecurity services providers can also help organizations build a comprehensive security plan that takes into account their specific needs and budget. These plans provide management with insights into areas of risk exposure, allowing them to make informed decisions about which security measures need to be implemented in order for their organization to remain compliant. Finally, cybersecurity services providers can help organizations strengthen their ability to detect and address potential threats quickly and effectively. This is done by providing high-quality threat intelligence feeds that supply information on malicious actors and the latest malware variants. These services also allow organizations to develop comprehensive cyber security awareness programs for employees so they are better equipped to spot suspicious activity.
Read full comment
Syed S - PeerSpot reviewer
Program Manager - Information Security at Gulf International Bank
Apr 13, 2022
How important is project management to the execution of cyber security projects?
Have you ever wondered how effective project management can really help you with your Cyber security projects? In recent times, cybersecurity has become an increasingly important issue worldwide. Every year, businesses spend more time and effort protecting their data. Gartner forecasted that global security investments will exceed $172 billion in 2022. Nobody can underestimate the necessity o...
See 1 comment
BV
Sr.Dir/Managing Principal Technology Consulting at a consultancy with 10,001+ employees
Apr 13, 2022
Cybersecurity had been recognized as a Fifth War Domain a while back: Land, Sea, Air, Space, Cyber.  As such, planning for war is important since it provokes managers to THINK.  While the plans that these managers develop are mostly useless since these plans become mostly irrelevant when the Cyber Battle ensues. Preparedness, counterintelligence, logistics, skills, adaptability, and distributed decision-making become more important as compared to PMI principles and best practices ( 'the disciplined agile' should be included and focused on as part of the adaptability;-)).
Read full comment
RC
Enterprise Architect at CDPL
Dec 15, 2021
Privacy issues and regulatory laws to be complied with when implementing an RPA program
Privacy Concerns in an RPA Implementation Program. The biggest concern we (as RPA solution implementors) have faced when interacting with clients and customers were: 1. Regulatory and Compliance issues. 2. InfoSec and Security issues. 3. Audit Issues. Regulatory and Compliance Issues: There is a huge penalty if the wrong data gets updated and emails are sent to customers by the regulatory...
Moderator
DS
Owner at David Strom Inc.
Writer
ExpertLeaderboard
Related Categories
GRC
Identity Management (IM)
Related Questions
Dec 15, 2022
What is the difference between SOC 1, SOC 2, and SOC 3 compliance?
Feb 24, 2023
What is your recommended automated audit software for internal and external audit?
Related Articles
Liam Brandt - PeerSpot reviewer
User at Catalyic Consulting (Pvt.) Ltd
Mar 23, 2023
Governance Risk and Compliance: The Role of Cybersecurity Services Providers
What role does a cybersecurity services provider play in governance, risk, and compliance (GRC)...
Read more
Syed S - PeerSpot reviewer
Program Manager - Information Security at Gulf International Bank
Apr 13, 2022
How important is project management to the execution of cyber security projects?
Have you ever wondered how effective project management can really help you with your Cyber secur...
Read more
Download Free Report
Download our free AuditBoard Report and get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
DOWNLOAD NOW
708,243 professionals have used our research since 2012.