Our Services

Our Services

Expert SAP Security Consultants

A team of expert consultants with vast knowledge in SAP security, risk and controls across multiple SAP platforms (ECC, S/4HANA, SuccessFactors etc) assist our customers in securing their SAP environments, striving towards SAP Security Utopia. Combine ‘on-tap’ GRC expertise with Soterion’s Compliance Cloud platform for a complete GRC solution. Delivered in collaboration with Soterion’s consulting Partner Network.

Consulting and Advisory

SAP security is both complex and technical. Ensuring the SAP role design provides SAP users with the appropriate access is a key control. Coupled with this, is the chosen SAP role methodology, one that is flexible for a dynamic and ever-changing organisation. The SAP roles form the foundation of all things GRC.

Deficiencies in the role design will negatively affect the organisation’s GRC capability. Ensuring that the correct blend of security and the level of flexibility requires experienced SAP security consultants. Soterion have a team of expert consultants with vast knowledge in SAP security, risk and controls across multiple SAP platforms (ECC, S/4HANA, SuccessFactors etc) to assist our customers in securing their SAP environments and to extract maximum value from their GRC investment.

Rule set customisation projects are becoming increasingly more important to ensure that the organisation monitors risks that are relevant. To facilitate a rule set project requires skilled resources who have a great understanding of SAP authorisations as well as the business processes.


The quality of the customised rule set is very dependent on the skill level of resource facilitating the project. Soterion’s consultants, with many years of technical knowledge, are well equipped to perform a rule set project having completed many of these around the world.

As organisation’s start moving to S/4HANA, security will be a priority for most organisations. S/4HANA comes with additional complexity from a security perspective as SAP users will inherit some of their access from the Fiori layer. The requirement to have skilled security advice during your S/4HANA project to ensure that the best possible role methodologies are implement will be crucial.


Any sub-standard security project will result in the organisation being over-exposed to fraud risk or having a very support intensive SAP security solution to administer. Soterion’s consultants have been involved in numerous S/4HANA projects and are well versed to provide valuable expertise in this area.

GRC Managed Services

Many organisations do not have the inhouse capability to effectively manage their SAP security and Governance, Risk and Compliance (GRC) activities. Not only do you require skilled SAP authorisation resources to ensure the technical role build is performed correctly, you also need expertise in the areas of risk, audit and controls. Finding such resources in-house is a challenge for many organisations and thus it is a function that can easily be outsourced.

Soterion have a team of skilled consultants who have great technical expertise in SAP security, risk and compliance, in addition to having in-depth knowledge of the audit requirements.

Another specialised skill set that the Soterion managed service team can offer our client’s is risk and controls advisory services. This area of expertise generally requires a great understanding of the business processes in SAP and how these pertain to access risks. When defining controls, again this requires in-depth knowledge of SAP and the various business processes to be able to suggest the most appropriate controls available.

All of the above is an offering that we provide to our managed service customers. We provide our clients with skilled expertise in all areas required for effective governance, risk and compliance at the fraction of the cost it will be to source these skills in-house.

Background - Contact

Experience a better way of managing your GRC today

Speak to one of our GRC consultants to explore how we can help solve your GRC objectives

Terms of Use

How will we use the information about you? Here at Soterion we take your privacy seriously and will use your personal details submitted to email you the requested information. If you opt in to stay informed we will contact you from time to time with Soterion related content. You can unsubscribe at any time. Read our full privacy policy here.