Home Test
Business-centric GRC solutions
for companies running SAP
Our entire business is focused on building business-centric GRC solutions that enhance business accountability of risk. As every company’s GRC requirements differ, we’ve developed three ways, namely; hosted, on-premise and managed service that SAP companies can handle their GRC, whatever their internal capability.
What are your GRC business objectives?

Secure SAP solution
Access risk software together
with expert consulting tailored
to your organisation.

Improve efficiencies
Reduce effort for SAP user support and GRC compliance tasks with process improvements and automations.

Comply with regulations
Address data privacy by highlighting sensitive or personal data in SAP, and users who have access to it.

Accountability of access risk
Convert technical GRC language into visual concepts that business users understand and own.
How can Soterion help you?
Soterion has helped organisations for over a decade to extract maximum value from their GRC Investments.

Guided, step-by-step GRC maturity process
Use our proprietary GRC Maturity Model to benchmark your current GRC maturity level and Enhance your GRC capability.

Used by over 200 clients around the world
Soterion has helped organisations for over a decade to extract maximum value from their GRC investments.

Agile approach to integrated risk management
Move from no GRC access risk capability to full visibility, within 24 hours. Rapidly respond to dynamic business challenges.

Powerful, size-sensible features
All the GRC features your business actually needs without complex, unnecessary functionality.

Trusted by the big 4 global audit firms
Audit firms place trust in Soterion’s accurate and easy to use reporting, backed by excellent support.

Total cost of
ownership
Lower cost of ownership with rapid implementation and cloud offerings. Flexible subscription options available.
Soterion’s business-centric solutions
Access Risk Manager
Basis Review Manager
Elevated Rights Manager
SAP License Manager
Periodic Review Manager
Central Identity Manager
Data Privacy Manager
Password Self- Service
Access Risk Manager
The Access Risk Manager provides customers with the ability to identify their SAP access risk exposure using a user-friendly web application. Additional functionality includes risk remediation recommendations and the “What-if” Allocation Simulator. The Simulator will allow you to pre-empt risk bearing access prior to applying the change request in SAP, thus ensuring a pro-active approach to SAP access risk management.
Basis Review Manager
SAP Basis Configurations provide system-level controls to secure an SAP system. The Basis Review Manager compares your SAP Basis Configuration to an industry best-practice set of rules. Since these configurations usually form part of an annual external audit, our Basis Review Manager allows you to be prepared, and will establish complete compliance to avoid adverse audit findings.
Elevated Rights Manager
The Elevated Rights Manager grants sensitive fire-fighting access in an automated workflow-driven process, and enables your management team to perform a structured review of any activities that were performed during the Elevated Rights Access period.
SAP License Manager
The SAP Licensing Manager provides you with the insight you need to tailor your SAP license agreement to your organisation’s specific requirements; ensuring optimal contract management and complete compliance whilst reducing unplanned and excess costs.
Periodic Review Manager
Periodically reviewing your SAP user access, analysing the associated risks and evaluating the necessary controls will align your GRC capacity with your individual business targets. This process will significantly enhance the insight into your GRC environment, as well as being an audit and statutory requirement in many business environments.
Central Identity Manager
The Central Identity Manager introduces the Business Role concept to improve efficiencies in the SAP user provisioning process. Standardisation of job functions across the organisation reduces complexity and the effort required to manage and review SAP user access.
Data Privacy Manager
The Data Privacy Manager analyses all tables in SAP and highlights those that contain fields with personal or sensitive information, categorising the data by Data Domain and Subject.
Password Self-Service
Soterion allows users to reset their Soterion as well as their SAP passwords. This functionality reduces business down-time by empowering users to reset passwords instantly.
Trusted by customers worldwide
What Our Clients Say
Jacolien Slabbert – IT Manager
TSB Sugar
“The GRC process is a journey… Identify a partner such as Soterion, who understands your business requirements and can walk the journey with you.”
Peter Atkinson – Project Manager
Weir Minerals
“Soterion consulting was an absolute pleasure to work with. They not only have incredible knowledge in the SAP authorization and SAP GRC space, but their professionalism shone through throughout the project.”
Cuan Kloppers – CIO
Samancor Chrome
“We have achieved Full System Reliance from our external auditors for the first time in three years, thanks to Soterion’s SOD risk rule set.”
Basile Sepsakos – Head of IT
United Energy
“Soterion’s clean-up exercise allowed us to reduce our Segregation of Duties (SOD) count by 98% without any impact on business.”
Visit our blog

Driving Governance at Bridgestone
Discover how Bridgestone Australia used Soterion’s GRC solution to effectively…
READ MOREJanuary 25, 2022
Can Pablo Escobar teach us something about Risk Management?
Written by Dudley CartwrightCEO of Soterion
Pablo Escobar is one of the most…
READ MORENovember 10, 2021
Event – UKISUG Connect 2021 – 29 to 30 Nov
Visit us at UKISUG Connect 2021
Come and visit our booth at UKISUG Connect 2021. We are looking forward to connecting with delegates in…
Stay informed
Receive news of events, webinars and SAP security and GRC related insights delivered to your inbox.
[super_form id=”5464″]