SAP IDM and GRC integration can help your business

Due to extensive usage of web Applications, Identity and Access Management (IAM) for an enterprise as become major challenge. It’s always a check point to choose right tools to manage IAM process. IAM process involve regulatory compliance and focus on risk management. It involves lots of complexity and burdensome to manage Identity and Access Management.

In SAP we have two tools responsible, for Identity Management it is SAP IDM and for Access Management (IAM) it is SAP GRC process control.


SAP IDM and SAP GRC are two different sap applications which plays a vital role in areas of access management. The major difference between SAP IDM and SAP GRC is, SAP IDM user provisioning is to perform user creation and assign access where in SAP GRC deals analyzing user access and new access requests to determine if there are any issues that may lead to compliance breaches.

Here there is definitely have a necessity of integrating this two tools. There should be a link between these two functions for access provision and control of access. A company has to have track and control on access i.e. who has access to what extend till what duration and to which systems.

In many companies this things are managed manually checking access as who can access what and when, checking compliance issues. So access must only be granted when proper checks have been made. These checks are still performed manually by staff who effectively act as the link between SAP IDM and GRC software tools. But when you maintain this manual link obviously spending time and money on employing people to manage the process and this also exposes you to the possibility of human error, or a situation where the necessary checks are enough.

SAP IDM Architecture with SAP GRC Access Control

 and also SAP NetWeaver Identity Management GRC Integration

How can integration help you?


SAP Identity Management is an identity management tool that that enables right access to right people to access the right data on right system for the right reasons and at the right time. SAP IDM manages the full identity life cycle of users – from joining the organization, to taking on new positions within it. It control and assigns user access by providing access as per current business roles, and manages passwords with self-service capabilities and approval workflows. When a user leaves the organization, SAP IDM then automatically removes access rights.



SAP Governance, Risk and Compliance is a SAP tool that helps organizations to synchronize information and activity across certain entities. It enables users to have a company-wide view of key compliance issues and deploy compliance into daily business processes like user provisioning, role management, emergency access management and risk assessment. GRC (Governance, Risk and Compliance) also helps automating routine audit and compliance processes to guard against both direct and indirect breaches. It also alerts control owners when controls need to be tested, stores testing and sign-off data, creates and delegates remediation plans and keeps an audit trail of changes.

When you integrate SAP Identity Management and GRC you create a situation where the two systems talk to each other directly and all the necessary checks take place automatically

In Fact the integration between SAP IDM and SAP GRC is not only possible, but it is also straightforward to implement. Lack of knowledge and awareness this process is still behind the scenes, we have limited working examples and case studies available.

There also have some hesitation around integrating such sensitive areas of an organization’s processes, where mistakes can have such devastating and costly effects. However, it is important to remember that SAP IDM and GRC integration is not about creating new processes, it is about automating existing ones. The outcome doesn’t change it’s still about ensuring the right people get access to the right systems and information without compromising security and creating compliance issues.

But the key point is that, through automation, you not only negate the many risks inherent in manual processes, but you also release a lot of your people from this task saving your  time and money and freeing up staff for more valuable work.

There are different versions of SAP IDM and GRC like

SAP IDM 7.2, SAP IDM 8.0, SAP IDM 8.0 SP6

However SAP IDM latest version is SAP IDM 8.0