Skip to main content Skip to Footer

CLIENT CASE STUDY

SAP Identity Management

Accenture's global security solution enhances digital compliance, agility and efficiency

Overview

Accenture faces the ongoing need to deliver a comprehensive user security solution that is compliant with controls and operates with increasing compliance, agility and efficiency across multiple business units, business processes and applications via a single source of truth.

Over the past decade, Accenture has combined a rigorous approach of governance and process-focused delivery of security operations with an Identity Management (IDM) and Governance, Risk, and Compliance (GRC) solution, both from SAP.

The resulting IDM solution automates more than 99 percent of the SAP-related privileges in a standard month and more than 90 percent of entitlements across all applications in scope, allowing a provisioning team smaller than it was 10 years ago to support five times the number of applications and greater user request volumes.

Accenture today can address audit questions better, faster and more cost-effectively than in prior years. Moreover, rather than audit teams finding issues, Accenture’s security teams now prevent issues or proactively identify and resolve them.

Opportunity

Accenture is running a core set of global applications, including a single global instance of SAP that provides the backbone of Accenture’s business for its more than 336,000 employees in more than 120 countries. This requires a robust application security model and security operations processes that protect the confidentiality, integrity and availability of Accenture’s data. These operations must also contend with a fast pace of business change and growth and Accenture’s digital agenda. Given this environment, Accenture faces the ongoing need to deliver a comprehensive user security solution that is compliant with controls and operates with increasing compliance, agility and efficiency across multiple business units, business processes and applications via a single source of truth.

Solution

Over the past decade, Accenture has combined a rigorous approach of governance and process-focused delivery of security operations with an Identity Management (IDM) and Governance, Risk, and Compliance (GRC) solution, both from SAP, to achieve the goals of delivering a solution simultaneously compliant, agile and efficient.

Three key factors have contributed to the solution’s long-running success:

  • Governing with a process-centered, cross-organizational perspective

  • Integrating GRC capabilities

  • Automating role authorization using centralized IDM

The resulting IDM solution automates more than 99 percent of the SAP-related privileges in a standard month and more than 90 percent of entitlements across all applications in scope, allowing a provisioning team smaller than it was 10 years ago to support five times the number of applications and greater user request volumes.

Results

Accenture today operates with a global security solution that is compliant with controls, yet delivers business solutions with increasing compliance, agility and efficiency, via one single source of truth. Moreover, rather than audit teams finding issues, Accenture’s security teams now prevent issues or proactively identify and resolve them.

From a business perspective, while audit findings were low previously, the implementation and integration of the solution with SAP GRC 10.0 has driven them lower with earlier visibility.

In efficiency, SAP IDM has helped Accenture significantly reduce the steps needed to make a user provisioning request. The request process, which took 15 minutes and 34 clicks, was reduced to 13 steps and only requires two to five minutes from a user, an improvement of more than 250 percent and with a 67 percent reduction in labor. Provisioning, now highly automated, has been reduced from one to two days on average down to just a few minutes.

Support costs for SAP IDM are lower compared to the prior team needed to support the legacy application architecture. Accenture estimates that over a three-year period the total cost of ownership is projected to decline by 40 percent.

Accenture treats SAP GRC and IDM as an asset, and continually looks to the power that these tools can bring to better comply, be agile and be efficient. Implementing SAP GRC and SAP IDM has served to further enhance the value of SAP at Accenture, and will help to continue improve operations, support digitization initiatives and deliver business value.

“Accenture now has transparency in its Finance and HR systems environment that is well beyond what is expected for an environment as complex as ours. And we can address audit questions better, faster and more cost-effectively than in prior years.”
KAREN QUICK

Internal Controls lead
Accenture