Data protection and compliance in SAP

For the 21st time, experts in SAP security will meet in Hamburg on September 14 and 15 at the invitation of IBS Schreiber GmbH to exchange experiences and receive further training.

In the future, topics such as Hana, cloud and also the new EU General Data Protection Regulation (EU-DSGVO) will be among the focal points for auditing SAP systems. In illustrative practical contributions, potential weak points will be highlighted and requirements for compliance as well as corresponding audit approaches will be presented.

In addition to the technical aspects of SAP security, the presentations will also cover organizational processes. This year's lecture program with top-class speakers again offers a broad range of topics for beginners and experts.

Ebner Stolz presents the basic features of an ISMS according to ISO 27001:2013 in the context of an SAP landscape. The use of the SAP Digital Boardroom for a new generation of board reporting including GRC components is the topic of the technical presentation by Items.

One of the main topics of the conference will be data protection in SAP with a view to the EU GDPR. Stadtwerke Hannover will report on the approach, project organization and obstacles to implementing the EU GDPR at Enercity.

The subsequent technical presentation by IBS Schreiber GmbH shows how the requirements of the EU-DSGVO can be implemented in SAP HCM in practice with a data protection-compliant deletion concept and how the life cycle of data can be managed with SAP ILM and how the time-dependent locking of data can take place in the authorization concept.

The management of authorizations and identities (IDM) is among the other focal points. Xiting reports on the migration of authorizations when switching to S/4 Hana. HCM Consulting sheds light on the human factor in the IDM environment and presents tools, tips and tricks for the organizational implementation of an IDM.

Two experts from SAP will focus on the topic of security in the SAP Solution Manager environment and examine both the organizational requirements and the technical implementation.

An excursus by the German Ministry of Defense on hybrid information warfare will provide an interesting insight into hacker attacks, network propaganda and social bots. In addition, attendance at the conference can be extended with a pre-seminar on September 13, where the innovations of the current SAP release will be discussed in the context of audits and SAP security as part of a Delta training session.