Home Test

Business-centric GRC solutions
for companies running SAP

Our entire business is focused on building business-centric GRC solutions that enhance business accountability of risk. As every company’s GRC requirements differ, we’ve developed three ways, namely; hosted, on-premise and managed service that SAP companies can handle their GRC, whatever their internal capability. 

What are your GRC business objectives?

Secure SAP Solution

Secure SAP solution

Access risk software together
with expert consulting tailored
to your organisation.

Improve Efficiencies

Improve efficiencies

Reduce effort for SAP user support and GRC compliance tasks with process improvements and automations.

Comply with Regulations

Comply with regulations

Address data privacy by highlighting sensitive or personal data in SAP, and users who have access to it.

Enhance Business Accountability of Access Risk

Accountability of access risk

Convert technical GRC language into visual concepts that business users understand and own.

How can Soterion help you?

Soterion has helped organisations for over a decade to extract maximum value from their GRC Investments.

Guided step by step GRC Maturity Process

Guided, step-by-step GRC maturity process

Use our proprietary GRC Maturity Model to benchmark your current GRC maturity level and Enhance your GRC capability.

Used by over 200 Clients around the World

Used by over 200 clients around the world

Soterion has helped organisations for over a decade to extract maximum value from their GRC investments.

Agile Approach to Integrated Risk Management

Agile approach to integrated risk management

Move from no GRC access risk capability to full visibility, within 24 hours. Rapidly respond to dynamic business challenges.

Powerful, Size-Sensible Features

Powerful, size-sensible features

All the GRC features your business actually needs without complex, unnecessary functionality.

Trusted by the big 4 Audit Firms

Trusted by the big 4 global audit firms

Audit firms place trust in Soterion’s accurate and easy to use reporting, backed by excellent support.

Total Cost of Ownership

Total cost of

Lower cost of ownership with rapid implementation and cloud offerings. Flexible subscription options available.

Soterion’s business-centric solutions

Access Risk Manager
Basis Review Manager
Elevated Rights Manager
SAP License Manager
Periodic Review Manager
Central Identity Manager
Data Privacy Manager
Password Self- Service

Access Risk Manager

The Access Risk Manager provides customers with the ability to identify their SAP access risk exposure using a user-friendly web application. Additional functionality includes risk remediation recommendations and the “What-if” Allocation Simulator. The Simulator will allow you to pre-empt risk bearing access prior to applying the change request in SAP, thus ensuring a pro-active approach to SAP access risk management.


Basis Review Manager

SAP Basis Configurations provide system-level controls to secure an SAP system. The Basis Review Manager compares your SAP Basis Configuration to an industry best-practice set of rules. Since these configurations usually form part of an annual external audit, our Basis Review Manager allows you to be prepared, and will establish complete compliance to avoid adverse audit findings.


Elevated Rights Manager

The Elevated Rights Manager grants sensitive fire-fighting access in an automated workflow-driven process, and enables your management team to perform a structured review of any activities that were performed during the Elevated Rights Access period.


SAP License Manager

The SAP Licensing Manager provides you with the insight you need to tailor your SAP license agreement to your organisation’s specific requirements; ensuring optimal contract management and complete compliance whilst reducing unplanned and excess costs.


Periodic Review Manager

Periodically reviewing your SAP user access, analysing the associated risks and evaluating the necessary controls will align your GRC capacity with your individual business targets. This process will significantly enhance the insight into your GRC environment, as well as being an audit and statutory requirement in many business environments.


Central Identity Manager

The Central Identity Manager introduces the Business Role concept to improve efficiencies in the SAP user provisioning process. Standardisation of job functions across the organisation reduces complexity and the effort required to manage and review SAP user access.


Data Privacy Manager

The Data Privacy Manager analyses all tables in SAP and highlights those that contain fields with personal or sensitive information, categorising the data by Data Domain and Subject.


Password Self-Service

Soterion allows users to reset their Soterion as well as their SAP passwords. This functionality reduces business down-time by empowering users to reset passwords instantly.


Trusted by customers worldwide

sysmexsysmex_greynttntt_greymedia24media24_greymacsteelmacsteel_greylundinmininglundinmining_greykomatsukomatsu_greyjdgroupjdgroup_greyitaltileitaltile_greyduocduoc_greydgbdgb_greydeneldenel_greycontactenergycontactenergy_greyclicksclicks_greycelimacelima_greycashbuildcashbuild_greybupabupa_greybuilders warehousebuilders warehouse_grey

What Our Clients Say

Jacolien Slabbert – IT Manager

TSB Sugar

“The GRC process is a journey… Identify a partner such as Soterion, who understands your business requirements and can walk the journey with you.”

Peter Atkinson – Project Manager

Weir Minerals

“Soterion consulting was an absolute pleasure to work with. They not only have incredible knowledge in the SAP authorization and SAP GRC space, but their professionalism shone through throughout the project.”

Cuan Kloppers – CIO

Samancor Chrome

“We have achieved Full System Reliance from our external auditors for the first time in three years, thanks to Soterion’s SOD risk rule set.”

Basile Sepsakos – Head of IT

United Energy

“Soterion’s clean-up exercise allowed us to reduce our Segregation of Duties (SOD) count by 98% without any impact on business.”

Visit our blog

February 8, 2022

Driving Governance at Bridgestone

Discover how Bridgestone Australia used Soterion’s GRC solution to effectively…

READ MOREJanuary 25, 2022

Can Pablo Escobar teach us something about Risk Management?

Written by Dudley CartwrightCEO of Soterion
Pablo Escobar is one of the most…

READ MORENovember 10, 2021

Event – UKISUG Connect 2021 – 29 to 30 Nov

Visit us at UKISUG Connect 2021
Come and visit our booth at UKISUG Connect 2021. We are looking forward to connecting with delegates in…


View all articles

Stay informed

Receive news of events, webinars and SAP security and GRC related insights delivered to your inbox.

[super_form id=”5464″]