You are the head of SAP security. Well, we have a story for you here.

For one of these reasons below your SAP security is not as clean as you would like it to be:

• Security comes at the end of the project and most of the consultants had already left when it came to that point
• Most of the budget has already been spent (see problem above)
• Project was rolled-out late. Let's make it simple and we'll fix that later (which never happened).

Because there were no precise roles or profile definitions, you sometimes ended up creating custom profiles for specific users and adding transactions directly to them. It may work for a few (sometimes many) years but down the road comes the Sarbanes Oxley Act requiring precise new business operation procedures along with requests for thorough IT access controls and your second name changes to "T" for Trouble.

Does this story ring a bell?  We have been there before with many of our customers. We have designed methods and solutions to help companies get through this with minimal time and budget efforts. Here's what we recommend:

• See who is doing what
• Identify gaps 
• Create a new adequate security plan 
• Make sure it matches all regulations and the company's procedures

Now is the time.  Let us help.