Asmita Abhyankar

Role: Leading the SAP Security & GRC streams to Implementing Enterprise SAP S4 HANA & Cloud Security Strategy across SAP Landscape as part of Cenovus' Cloud migration transformation

• Developed overall Security strategy including IAM & SSO strategy for Cenovus' SAP ecosystem by liaisoning with various business stakeholders & SI partners ( EY, IBM,Accenture)
• Led the Security Role Design workshops for Finance, MM, PM & HR areas across S4 HANA Landscape
• Developed and implemented the Security Governance & SOX Framework and process maps through workshops with key stakeholders across SAP S4 and Cloud environments
• Performed Workshops to gathering business & configuration requirements for ARM, ARA, EAM Modules
• Conducted sessions with Business & SOX teams to design & finalize the GRC ruleset for Finance, SD and MM areas for SAP applications like S4 HANA, BTP, Successfactors, Workforce, Ariba, Fieldglass, SAC & Datasphere
• Created remediation and mitigation plan for outstanding SAP access risks resolution
• Engaged in reviewing IT Security control designs across various Business Functions

Role: Led the SAP Security & GRC streams to Implementing a comprehensive SAP Security RBAC model for CRM, SRM, PO, TM & Solman

• Troubleshooted SAP HR Security issues with structural authorizations
• Implemented SAP BOBJ & BPC Security Role design
• Implemented SAP BW 7.3 Security Analysis authorization
• Implemented SAP Fiori/Gateway Security by designing catalogs and groups belonging to various SAP modules

Role : Led SAP GRC stream to remediate SOX deficiencies as part of annual SAP Security review

• Enhanced the existing SOX Controls and developing new ones to prevent SOX issues
• Worked closely with internal and external auditors to identify, mitigate/remediate the SOX issues
• Identified of SOX issues in roles and remediating them through RBAC role modifications
• Remediated of various SOX deficiencies identified by the audit
• Extensive interaction with Finance business and Security Operations

Role: Managed SAP GRC service operations

• Produced Risk analysis Reports on User and roles to identify existing SoD violations and discuss with Finance governance to carry out bi-yearly audits to review exiting Mitigation assignments and carrying out remediation work
• Used real-time data and Management reports retain an offline history of SoD status
• Worked extensively on Firefighter owner, controller, ID setup and management including the controller workflow in GRC10.x
• Administered GRC requests to allow Template role provisioning on Positions and Users
• Maintained/troubleshooted MSMP workflow to allow customization of workflow approval steps and to stay SAP Audit compliant
• Created template assignment approval workflows for Non ABAP systems to facilitate manual provisioning
• Scheduling/Administering Synchronization Jobs to manage Data sync between GRC and Satellite systems including User/Role/profile repository data, Transaction log data and FF controller workflow job

Role: SAP Security & GRC platform - Projects / managed service

• Understood client requirements and implemented SAP security for newly created business units, modifying existing setups to fulfill business needs.
• User & Role mgmt. across (SAP R3, HR, SAP BW, SAP CRM, Solution Manager, GRC, APO, etc.) with strict adherence to SOX controls.
• Created structural authorizations (PD profiles) for hierarchy-based authorizations in SAP HR.
• Prepared quarterly and annual audit reports to comply with SOX control requirements for internal as well as external audits.
• Ensured on-time delivery to meet Service Level Adherences (SLAs) and Service Level Objectives (SLOs).
• Was thorough in ALE concepts and experienced in implementing HR data flow from ECC to non-ECC systems through the ALE Distribution model.