SUMMARY:

• To ensure my 5+ years of experience, SAP Security, Business Analysis, RPA & GRC expertise provides an efficient and effective structure for ensuring the security, integrity, transparency, automation, accuracy and availability of all the enterprise information by associating with developing environment where my technical, analytical and management skills can be utilized in providing halp and support to the company/ client to increase her growth, which in turn is my growth.
• A seasoned professional with over four (4) years of SAP Technology and GRC Consulting experience covering the areas of GRC Framework design & implementation, SAP GRC solution components (Access Control, Process Control, Risk Management & Audit Management) design, implementation and support.
• 3 full lifecycle implementations of SAP GRC and Security projects from design phase to post implementation phase, 3 SAP GRC and Security Support project experience, 1 SAP GRC phase zero project and 1 SAP GRC and Security roll - out project
• Strong experience in Security Audit and designing Authorization roles for SAP ERP, SAP S/4HANA, SAP HANA, SAP Solution Manager, SAP CRM, SAP HR, SAP BI/BW, SAP SRM, SAP Fiori and Enterprise portal systems.
• Made recommendations, best practices and halped customers define Standard Operating Procedures Document as most new and upgrade GRC projects undertaken has required work on SOX 404 especially with customers where other SAP solutions may has already been in use and authorization risk is extensive. Such customers required a pre-analysis of wat was assigned, wat assignment collectively constituted risks, wat the usage frequency of these risks were while providing time estimations for wat it would take to remediate or mitigate going forward.
• Implemented most projects as a Solution Architect by drafting Project Plans, Business Blueprints, providing a sustainable Technical Architecture to support Functional requirements and driving it successfully through Realization, Testing, s and Post Implementation Support cutting across the Manufacturing, Oil & Gas, FMCG, Financial and Outsourcing industries.
• Supported business and IT segregation of duties analysis and maintained coordination with business and IT stakeholders around user role definition and security design
• Held business discussions in improving control & audit processes and recommend best practices for overall process improvements and auditing
• Strong ability to diversify and understand new technologies and applications and grasp them in order to stay in tune with the tech sector and its requirements with exceptional communication and interpersonal skills.
• Spearheaded and managed IT & Business Risk and Compliance improvement projects; Coordinated with stakeholders at all levels for timely and effective implementation and on-going maintenance of IT & Business Risk and Compliance

PROFESSIONAL EXPERIENCE:

Confidential

Support Consultant

Responsibilities:

• Supporting the SAP GRC Process Control, Risk Management and Audit Management solution
• Integration of the GRC application with the in-house Power BI tool for reporting
• Integration of master data (organization structure, risk, controls etc) to ensure harmonization and benefit realization of the three solutions.
• Working closely with the GRC SME’s and end users to enhance smooth running and adoption
• Customization, configuration, continuous support and roles/ authorization fixes and handholding of end users for continuous usage
• Ensure improvement of processes through effective risk management, controls design and testing, policy management and risk-based audit.
• Configuration of GRC solutions (Access Control, Process Control, Risk Management and Audit Management) Working with the team to ensure revenue generation for the company
• Reporting on current GRC projects
• Conduct demos and respond to RFQ’s to ensure other GRC deal closure
• Worked closely with the GRC SME’s to enhance and track adoption of the SAP GRC Access control and Process control systems
• Resolved authorization issues (tickets) on ERP, HCM, Fiori, Portal, GRC systems within SLA
• Supported end users on usage of the GRC system for continuous access risk analysis, surveys, policy management, access request management, manual test of controls for completeness & effectiveness, continuous controls monitoring, emergency access management and business role management. cleaned-up roles and performed remediation activities to reduce the access risks analysed to the barest minimum level and for quicker benefit realization.
• Monthly and daily profile generation Analysis of missing authorizations
• Prepared and presented weekly and monthly reports for all the requests using SOLMAN system and the SOD conflicts pertaining to SAP Security
• Conducted technical & functional s and prepared slides to suit the requirements and enhance adoption
• Gatheird requirements, coordinated with business and technical teams and design authorizations for support and enhancement projects
• Used AGR*, USR*, USH* tables and SUIM for different reporting and analysing purposes
• Extensively performed and monitored transaction codes SU01, PFCG, SUIM, SU53, SU10, SU56, ST01, SU24, SU21, PFUD, SUPC, STMS, SE01/SE09/SE10, SM18, SM19, SM20, SM30, SE11, SE16, SE37, SE38/SA38, SE93, SE54, SE80, SM12 and SE97 in SAP Security
• Periodic review of mitigation control and inform control owners on the changes and expiration

SAP GRC and SECURITY IMPLEMENTATION Consultant

Confidential

• Validated scope statement, project plan and solution prototype build to ensure successful implementation of SAP GRC AC & PC 10.1 solutions on HANA database
• Championed data gathering workshops with business stakeholders and configured the GRC Access Controls components (ARA, BRM, EAM, ARM, MSMP, BRF+ & UAR) & Process Control components (Master Data, MTE, PM, IM, CCM & Survey) solutions in accordance with the project plan and business requirements along with other team members.
• Created and renamed/ maintained single, composite & derived roles and transported roles from Development system to Quality Assurance system and finally to Production system to enforce proper naming convention, risk remediation and proper segregation of duties on the connected ERP and HCM systems.
• Handled s (EUT, TTT, UAT), delivered blueprint document, security policy document, step by step documents for each solution and built a detailed custom Risk and Control Matrix (RACM) document from a data bank through extraction.
• Prepared MDUG template used for mass upload and created LSMW project for mass user creation and role assignment
• Reflected client Workflow configuration and second level authorization as required
• Built Data sources and business rules which included sub scenarios like Configurable, ABAP reports etc.
• Creation of Surveys, Questions and Manual Test Plans
• Successfully created various custom notification templates to meet the business requirements

SAP GRC and SECURITY PHASE ZERO PROJECT Consultant

Confidential

Responsibilities:

• Demonstrated Proof of concept (POC) for SAP GRC Audit Management 1.2 on HANA using the client data for a risk-based auditing following the planning, preparation, execution, reporting and follow up phases.
• Understand client pains and objectives through discovery sessions and data gathering
• Proffer best practice Implementation roadmap based on their documented processes for quicker value realization
• Delivered high Level on the SAP GRC Audit Management solution
• Proposed Business Process Master List (BPML) for easy assessment of risks and effective risk-based Auditing.
• Designed the technical architecture and integration of Access Control, Risk Management and Audit Management Approach

SAP GOVERNANCE, RISK MANAGEMENT and COMPLIANCE Consultant

Confidential

Responsibilities:

• Successful GRC Framework design, implementation and automation using an integrated SAP GRC solution (Access Control, Process Control and Risk Management 10.1, 12.0) (Audit Management 1.2), the solutions were configured and implemented end to end using the Fiori and NWBC user interface.
• Championed the business requirement gathering
• I trained and mentored staffs/ interns from scratch to becoming project ready consultants/ usage of the system in the areas of GRC, Security, authorization and Audit
• Delivered step by step documents and supported the system to achieve stabilization.

SAP SECURITY & AUTHORIZATION Consultant

Confidential .

Responsibilities:

• Designed and Implemented SAP Security, Authorization and Audit policy
• Configured CUA using (BD54, SCC4, BD64, SCUA, SCUM, SCUL, SCUG)
• User, Role and Profile Maintenance & Administration in SAP ECC 6.0 and BI 7.0 using (SU01, PFCG, SUPC) to enforce proper segregation of duties
• Analysed user problems using (SU53, ST01, SUIM)
• Configured Audit Information System (AIS) using (SM18, SM19, Sm20) for both system and business audit
• Managed the SQL & HANA database against threat and unauthorised access to ensure confidentiality and
• Secured and assigned tables, programs and transaction codes using authorization objects/ groups.
• Analysed logs using (SLG1, SM21, STAD and SUIM)
• Assigned reports and query to roles using Authorization objects to enforce SOD
• Secured and Assigned tables, programs and transaction codes using authorization groups (SE16, SM30,SE54, SM31, SA38, SE38)
• Successfully designed and implemented an SAP cyber-security, authorizations and audit policy document based on best practices and client requirements.