Let us capture, enhance and protect your business value with technology and people​

Managed services for SAP authorizations and Active Directory


Our service: Your audit-proof authorization management​

As BR1GHT we are your long term partner on compliance, Active Directory and SAP authorizations, security and continuous monitoring of internal controls. ​

As part of our SAP Security and Controls proposition, next to our “get clean” services whereby we optimize your SAP security & authorizations, we also offer the “Stay Clean Managed Service”. This service delivers our clients a turnkey compliance service for SAP authorization & SoD and Active Directory. Your 1st, 2nd and 3rd line service requests are solved by a dedicated team.

You are in control at all times, as we provide key compliance and service level analytics that give actual insights into your security compliance. With our audit background we can be the contact person for your auditor to demonstrate the SoD ruleset, compliance status and ongoing improvement initiatives. If needed we can perform remediation or risk mitigation activities such as did-do analyses.

This offering can be delivered as a service, so that we take care of your maintenance completely. Our services are integrated with incident management systems like ServiceNow and supported by our technology partners Soterion, Pathlock and SAP GRC technology.

BR1GHT adds value to your key GRC stakeholders within your organization

  • Audit and traceability: workflows and logging for firefighting and user/role requests
  • Reduction of costs due to self-service portal
  • Seamless integration with BR1GHT’s “stay clean services”


  • Key IT General Controls are automated, logged and pushed to the responsible persons
  • Audit trail ensures auditability and traceability​
  • User and role certification pushed to the line managers automatically


  • Business is able to take control over their SAP authorizations due to the user-friendly user interface, workflows and self-service portals
  • Important controls are automated: user/role change requests, firefighting, password reset
  • Business directly sees the impact of role and user changes due to the simulation and SoD dashboards


  • External audit has transparency on role design, GRC ruleset configuration​
  • External audit can easily benchmark with their own tool and, if needed, we can include the auditor's rules in Soterion because of the easy upload functionality with audit trails
  • Global standard tooling simplifies the adoption by the financial auditor​

Why do you want a partner to support you in SAP Security & GRC Managed Services?​

Saving costs

Reduction of Audit findings

Speed of service delivery


Continuous in control

Unused Licenses

Focus on your core business




Compliance Performance insight

Increased quality

BR1GHT is your long term GRC Partner​

“Get Clean” towards acceptable risks

BR1GHT delivers the redesign of your SAP authorizations.

This results in an improved business Segregation of Duties framework.

Revoke unused access. Implement a future-proof authorization concept, including looking at S/4HANA.

GRC Implementation

BR1GHT can implement continuous monitoring technology to identify risks, automate IT maintenance procedures (IT General Controls) and give the business a user-friendly insight into the ERP risks in your landscape. We are able to do this in SAP, but also over your hybrid ERP landscape. We leverage our technology partners SAP, Soterion and Pathlock to support you.

Stay Clean as-a-service

BR1GHT delivers a “stay clean” as-a-service model to ensure that the “get clean” investments are leveraged.

With a subscription-based service model, BR1GHT is able to perform 1st, 2nd and 3rd line GRC and authorization support, provide you with relevant reports and keep your processes at an acceptable risk for SAP and non-SAP environments.

BR1GHT delivers you an increase in compliance effectiveness and quality and a decrease in OPEX.

What would the service look like?

L1 activities

  • New hires, changes and leavers
  • User creation & User Unlock
  • GRC request creation​
  • Password reset​
  • Parameter maintenance​
  • Secure Network Communications (SNC) maintenance
  • Low risk role assignment​
  • Developer key assignment​
  • User credentials at SAP market place​
  • GRC Reports, User simulation
  • Emergency Access Request​
  • User issues by SU53 errors​
  • Execution of periodic reviews
  • Maintenance of security settings in line with policies and procedures

L2 activities

  • BRM request in GRC​
  • SU24 maintenance​
  • Mass User & Role changes​
  • Updating FF ID owner and Controller​
  • Updating role owners​
  • Import roles in GRC AC​
  • Business Role creation​
  • Review User Segregation of Duty (SOD) Risks​
  • Ruleset Review & sensitive access
  • Project documentation​
  • Periodic SOD review and critical rights including SAP_ALL​
  • Periodic licences review​
  • Audit support*

L3 activities

  • SOD and critical access risk review
  • GRC Upgrade activities​
  • SPRO changes in GRC​
  • GRC Ruleset Review and Implementation​
  • New SAP system integration to GRC​
  • Review configuration issues in GRC and resolve​
  • Implement UAR & SOD Review configuration​
  • Design Customized workflow notifications​
  • Fiori role design​
  • GRC User training​
  • Problem Management*​
  • Project related work (on / off shore)*

Each service level includes: periodic reporting on SLA and a periodic SLA meeting.

Client case ​

BR1GHT Managed Services: Identity and access management on SAP, Active Directory and GRC at PVH

PVH is one of the most famous and largest fashion retailers globally. The Power of PVH is fueled by our people and our iconic brands: Calvin Klein, TOMMY HILFIGER, Warner’s, Olga by Warner’s, and True&Co. From their humble start in 1881 mending and selling shirts for coal miners in Pottsville, Pennsylvania, PVH has become a global powerhouse in the fashion industry.

PVH is growing rapidly, which is reflected in the IT environment. With their 10.000 AD and SAP users and because of the business growth, the IDM team is looking for opportunities to leverage a better and more efficient service, aiming to:

  1. Increase the quality of the IDM team
  2. Decrease dependency on temporary workers
  3. Be a highly effective business partner for the business
  4. Reduce the cost of IT Management
  5. Improvement, automation and standardization of the work processes
  6. Automate and reduce the efforts to ensure efficient SOX testing with no surprises
  7. Limit the risk of unauthorized access to critical systems

BR1GHT started to support PVH in their improvement program. This program was structured and executed through the following pillars:

  • Governance

The BR1GHT team in South Africa took care of the quality requirements of the client. The conclusion was that PVH was dependent on a large group of external people. We made an architectural overview of what the future department could look like, calculated the business case and made a transition plan. During the transition, we integrated the BR1GHT service center within the PVH daily processes and structures. BR1GHT team is not ensuring that the team will be operationally managed and that performance reporting will be done towards PVH.

  • Improving processes execution

BR1GHT optimizes the IDM processes of PVH. The following processes are optimized and/or automated with Soterion technology:

  • Execution and improvement of the IDM supporting maintenance processes. BR1GHT is fully integrated within the maintenance processes and systems within PVH. BR1GHT is solving tickets, executing IDM projects, documenting best practices and improving processes through automation.
  • User and role certification: to ensure that users and roles only grant appropriate access, Soterion offers the possibility to structure and execute the certification processes and provision changes to SAP. By having these processes automated, you are ensured that all users and roles are reviewed timely and that the risk of unauthorized access is limited.
  • Automation of SAP license review. The team includes the ability to perform an SAP license review. By making use of the Soterion technology, we can automatically analyse the amount and usage of SAP users and extract the appropriate license information for SAP.
  • BR1GHT ensures people continue within the team

PVH was dependent on a large group of individual temporary contractors with regard to their SAP, Active Directory and SAP GRC maintenance. PVH has not outsourced their IDM department to BR1GHT service center in South Africa. With these services, BR1GHT guarantees the quality of the team, ensures talent development and scalability, and builds a knowledge base for our clients. Through our delivery methodology we continuously improve the quality of our IDM services.

  • Technology as enabler for continuous improvement

BR1GHT provides these services by automating as much as possible and integrating technologies. The team works via a remote desktop on the technology of PVH, like ServiceNow, and directly in their SAP and AD environments.

Beyond the IDM services we provide, BR1GHT South Africa develops state-of-the-art technology to drive our projects and reduce manual labor as part of our services. For PVH we work with the following technologies: SAP GRC and ServiceNow.

If you are interested in the business case for your company, contact us via meindert@br1ght.nl. Together with you we will calculate your business case.


BR1GHT was founded in 2019 as a spin-off from PwC and KPMG. Together we have a track record of years of software implementation and application consulting, originally to improve processes, finance, and IT performance and compliance. We used ERP software and specialist software in the field of GRC. Our experiences go back to the 1990s, when we played roles in many change programs in the utility industry, from a technical, process and organizational change perspective. We supported business functions, IT, and board rooms to realize the changes and capture the value of new technology.

BR1GHT nowadays sells and delivers software solutions plus related consultancy via fast and result-driven implementations, and continuously optimises the usage of technology in the areas of Governance (audit, compliance, risk & internal control), Finance and IT.

We are proud of our client base of 60+ tier 1 (listed companies and multinationals) in 14 countries and now fully focus on new digital solutions. By combining right-sized, highly skilled core teams with a large network of partners and specialists we bring our clients the best of all worlds. This creates a capability to stay on top of the fast-changing technology environment where our teams still can offer a personal touch to the relationship with our clients. At the same time, we source our power from our partners and communities of specialists in areas such as software, content, people & change, governance, methodologies, and many more.

It is BR1GHT’s purpose to support you in using the right technology to build your future on and to enhance & protect your business value. BR1GHT is a ‘one-stop technology shop’ delivering the latest best practice technology together with highly skilled specialists. BR1GHT aims to be your sparring partner and technology supplier to accelerate and drive your business towards growth and control.


BR1GHT delivers four main services:

  • Continuous in control and increase business performance in a constantly changing world.
  • We automate Internal audit, risk management, and compliance towards world-class.
  • We empower businesses with digital solutions (business technology).
  • We automate the finance function with technology to lower costs and increase value to the business.


BR1GHT is headquartered in The Netherlands but has service units in South Africa and Surinam to deliver the following services:

from South Africa:

  • (continuous) SAP Authorization Management
  • AD and SAP (GRC), Authorization support services to get clean, stay clean and redesign when required
  • SAP license Management
  • AD automation and Maintenance

from Surinam:

  • Accountants Compliance
  • Financial and IT audit support
  • Risk Management and compliance services
  • IT control

We do this with five promises:

  • Design a future vision: We help our clients select technology meeting their current needs and make them future ready. We challenge our clients on their vision and help them build one.
  • Proven technology: It is all about technology where software eats it all and clients need to step up to capture the value of digital. We have technology and delivery capabilities for recent technologies in the aforementioned areas. Best practice technology is the core of our propositions to help our clients accelerate success. This technology can be delivered with predefined content to accelerate the implementations.
  • Result-driven change: We only work with experienced partners and deeply skilled expert professionals using best practice content. We can promise a fast, result-driven and fixed-price implementation focused on quality.
  • Continuous improvement: During our involvement we support our clients’ people to become adaptive to change and we build capabilities to continuously innovate and improve themselves.
  • Communities: Via communities of clients (clients 4 clients) and specialists (people 4 people), shore and offshore, we can provide support along the whole length of your transformation process and beyond. Soon people will not work in large companies but become independent professionals, organised in flexible communities with deep skills. We facilitate this with our people communities. We are a people community, consisting of small core teams with autonomous working specialists. We are a home base for specialists and entrepreneurs who can work individually, together under one umbrella, building new capabilities and great experiences.

Let’s get digital in control together

Please contact us if we made you curious about our services and what we can do for you.

If you would like to receive news or insights, please go to our contact page.

Thank you so much for your interest in us!