The implementation and the secure operation of SAP solutions in IT landscapes require the establishment of functioning access regulations and control mechanisms in order to effectively protect business data in the SAP system. An authorization concept provides the basis for the technical implementation of authorizations in the SAP system and considers general and legal standards (e.g. SOX) as well as firm-specific rules with the objective of risk minimisation. Concerning the definition of guidelines it is necessary to consider the landscape’s entire complexity as well as the strategic aims of the IT organisation. Among technical and process driven requirements, these determining factors have a decisive impact on the conceptual configuration and technical implementation of an authorizations concept. Regarding the technical implementation and continuous operation, topics as compliance, maintainability and standards are significant quality factors in order to administrate SAP authorizations sustainably.Our consultants have long time expertise in SAP Application Security. They reliably support you with the implementation and secure operation of authorization concepts for all conventional SAP Modules.