0

Take Identity and Access Management

to the Next Level Securely

Matthew Pecorelli

1

In This Session …

• You will understand the key drivers behind Accenture’s decision

to migrate to the SAP NetWeaver Identity Management 7.2

component (SAP NetWeaver ID Management) and get an overview

of how this implementation was successfully delivered.

• You will obtain an understanding of Accenture’s global SAP

software implementation.

• You will get a glimpse of how Accenture Delivery Methods for

SAP can help you deliver high-value, complex SAP solutions.

• You will understand how Accenture has leveraged key features of

SAP NetWeaver ID Management 7.2 to create a best-of-breed

identity management solution.

2

• SAP at Accenture

• Key Drivers Behind the Implementation of SAP NetWeaver ID

Management 7.2

• Implementation Overview

• Wrap-Up

What We’ll Cover …

3

• SAP at Accenture

• Key Drivers Behind the Implementation of SAP NetWeaver ID

Management 7.2

• Implementation Overview

• Wrap-Up

What We’ll Cover …

4

SAP at Accenture

5

SAP at Accenture

RUNS SAP

SAP at Accenture - A Bit About Our Company…

• Revenue

US$27.9 billion annually

6 working days to close our books

• Countries

Over 120 countries

13 geographic units

3 geographic areas

• Employees

Over 261,000

Copyright © 2013 Accenture All Rights Reserved. 6

Accenture is perhaps the only services industry company

in the world running a multibillion dollar, diverse

business on a single database instance of SAP software.

SAP at Accenture - A Bit About Our Company…

• Breakdown of business:

2 types of work: consulting and outsourcing

5 industry-based operating groups (public service, resources, products, communications & high tech, financial services)

3 growth platforms: (SI&T, MCIM, outsourcing)

• Major SAP user groups:

Finance: Controllership, global service center, client financial matters, finance reporting, and treasury

HR: Global service center, personnel admin, and HR global reporting

Sales: Opportunity support and sales force

Project teams: Engagement financials reporting and updates

Copyright © 2013 Accenture All Rights Reserved. 7

8

SAP at Accenture – System Overview

System Program name Technical

abbreviation

Sarb-Ox

controlled

SAP ERP 6.0 Financials and human resources RP1 Yes

SAP NetWeaver Portal Desktop PP1 No

SAP NetWeaver BW 7.0 Business reporting BP2 No

Integrated planning software in SAP

NetWeaver BW 7.0 Integrated forecasting solution BP2 No

SAP Business Planning and

Consolidation Planning and consolidation BP2 Yes

SAP Customer Relationship

Management (SAP CRM) 4.0 Sales – management CP1 No

SAP solutions for GRC 10.0 Access compliance JP2 Yes

SAP Global Trade Services 10.0 Denied party screening XP1 No

SAP NetWeaver CE Enterprise service architecture IP1 No

SAP Solution Manager Solution manager MP1 No

SAP NetWeaver ID Management 7.2 Identity manager UP1 Yes

Copyright © 2013 Accenture All Rights Reserved.

SAP at Accenture – SAP Scope

9

Copyright © 2013 Accenture All Rights Reserved.

Business functions supported by SAP software Requisition to pay (RTP)

• Manage suppliers

• Process purchasing

requisition (via Ariba)

• Process invoice

• Process payment

• Bank integration

Time and expense (T&E)

• Process personnel time

• Process personnel expenses

• MyT&E feeds

• Suspense processing

• Integrate employee data

Order to cash (OTC)

• Set up and maintain

customer information

• Set up and maintain contract,

project, WBS

• Process contract transactions

• Analyze and forecast

contract

• Record and adjust revenue

• Process inter-entity

transactions

• Invoice customer

• Manage customer

receivables

• Bank integration

• Collect and apply customer

payments

• Close out contract

Record to report (RTR)

• Establish and maintain chart of

accounts (global and statutory)

• Maintain currency exchange rates

• Asset accounting

• Process journal entries

• Prepare and consolidate legal

• Entity financial statements

Controlling (CO)

• Profit / cost center hierarchies

• Manage internal projects

• CO journal entries

• Settle external costs

• Settle internal costs

• Perform allocations and

assessments

• Profitability analysis

• Cost center accounting

Reporting and analysis (BI)

• Load management reports (finance,

HR, sales)

• Release reports

• Ad hoc reporting support

Denied party screening (DPS)

• Audit Accenture customers and

vendors against denied-party

business listings

Sales

• Opportunity management

SAP components

• SAP ERP 6.0 (R3)

• SAP NetWeaver BW

• SAP NetWeaver BW –

integrated planning (IP)

• SAP Customer Relationship

Management (SAP CRM)

• SAP Business Planning and

Consolidation

• SAP NetWeaver Portal

• SAP solutions for governance,

risk, and compliance (GRC)

• SAP Global Trade Services

• Payroll (Spain and Portugal

only)

• SAP NetWeaver Identity

Management (SAP NetWeaver

ID Management)

SAP modules

• Financial accounting: FI-

GL/SPL/TV/AP/FA

• Sales and distribution: SD

• Materials management: MM-

PUR/IV/EDI

• Project system: PS

• Human resources: HR-PA/TM,

CA-TS

• Controlling: CO-PCA/CCA/PA

• Business information: BI, BI-IP

SAP tools

• SAP GUI

• SAP Solution Manager

Personnel administration (PA)

• Maintain employee data

• HR transactional reporting

Integrated forecasting

• Set annual corporate forecast

• Collect monthly client team

revenue forecast

• Create corporate financial

forecast

• Define personnel demand

• Define personnel supply

• Perform demand/supply

balancing

• Update corporate forecast

Cross-functional teams

• SAP program infrastructure

(release mgmt, product test,

cutover; operations leadership)

• Close team (monthly financial

close management; close and

performance testing)

• Archiving (quarterly movement

of data to low-cost storage)

• Security (application security

role development, role

provisioning, SoD audits)

• Tech infrastructure (basis, data

services, environment mgmt,

change control, batch)

• Operations support for the

enterprise (OSE)

9

10

• SAP at Accenture

• Key Drivers Behind the Implementation of SAP NetWeaver ID

Management 7.2

• Implementation Overview

• Wrap-Up

What We’ll Cover …

11

Key Drivers Behind the Implementation of

SAP NetWeaver ID Management 7.2

• Stability and scalability

• Support cost

• Compatibility with SAP roadmap

• Integration with SAP solutions for GRC

• Integration with SAP NetWeaver BW

12

Key Drivers – Stability, Scalability, and Support Cost

• SAP NetWeaver ID Management 7.2 is more stable than outdated

legacy system.

Legacy system consisted of hundreds of custom stored

procedures.

• Extensions to legacy system were costly and required long lead

times.

Created a road block for business changes

• Oracle support skills were more difficult to staff.

Large SAP and development delivery centers already in place

13

Key Drivers – Compatibility with SAP Roadmap

• As SAP expands solution via rapid acquisition and large-scale

system upgrades, third-party identity management solutions are

often several steps behind.

• SAP has a vested interest in keeping its identity management

solution in lock-step with its solution landscape.

This was by far our biggest issue!

14

Key Drivers – Integration with SAP Solutions for GRC

and SAP NetWeaver BW

• Integration with SAP solutions for GRC

Desire to integrate real-time SoD functionality with provisioning

workflow

• Integration with SAP NetWeaver BW

Desire to improve visibility to critical access and issues across

the global security model

Need to accelerate audit activities and reduce manual effort

15

• SAP at Accenture

• Key Drivers Behind the Implementation of SAP NetWeaver ID

Management

• Implementation Overview

• Wrap-Up

What We’ll Cover …

16

• End-user request, approval, and provisioning across all

production SAP systems and clients

• User-friendly, self-service tool used by global user base (50,000+

end users)

• Simplify the number of steps required to request and approve

• Streamline the search for business roles

• Phased rollout

Implementation Overview – Scope

17

Implementation Overview – Application Architecture

Copyright © 2013 Accenture All Rights Reserved.

Implementation Overview – Custom UI Request

Implementation Overview – Custom UI – Role Search

Implementation Overview – Custom UI – Approve

Implementation Overview – Timeline

Copyright © 2013 Accenture All Rights Reserved.

22

Integration with SAP NetWeaver BW

• Leverages SAP NetWeaver BW

engine within SAP solutions for

GRC 10.0 (ABAP stack)

Automation of weekly

compliance reporting

process

Reduced manual

work/errors

On-demand results

SAP NetWeaver ID

Management reporting

Comprehensive identity

reporting

Proactive auditing and

issue resolution Copyright © 2013 Accenture All Rights Reserved.

Integration with SAP Solutions for GRC 10.0

Risk Analysis Result

Direct Privilege

New Business

Role

Existing Business

Role

Approval Workflow

SoD Analysis

Provisioning Framework

Create access request

SAP NetWeaver ID

Management

SAP solutions for

governance, risk, and

compliance (GRC) 10.0

provide real-time

segregation of duties

analysis.

23 Copyright © 2013 Accenture All Rights Reserved.

Future Plans

• Operationalize GRC integration – June 2013

• SP8 – Summer 2013

• SP9 – January 2014

• Implement attestation – Q1 2014

25

• SAP at Accenture

• Key Drivers Behind the Implementation of SAP NetWeaver ID

Management NW 7.2

• Implementation Overview

• Wrap-Up

What We’ll Cover …

26

Your Turn!

Matthew M. Pecorelli

Principal

matthew.m.pecorelli@accenture.com