Let us capture, enhance and protect your business value with technology and people​

Managed services for SAP authorizations and Active Directory


Our service: Your audit-proof authorization management​

As BR1GHT, we are your long-term partner on compliance, Active Directory and SAP authorizations, security and continuous monitoring of internal controls.

As part of our SAP Security and Controls proposition, next to our “get clean” services whereby we optimize your SAP security & authorizations, we also offer the “Stay Clean Managed Service”. This service delivers our clients a turnkey compliance service for SAP authorization & SoD and Active Directory. Your 1st, 2nd and 3rd line service requests are solved by a dedicated team.

You are in control at all times, as we provide key compliance and service-level analytics that give actual insights into your security compliance. With our audit background we can be the contact person for your auditor to demonstrate the SoD ruleset, compliance status and ongoing improvement initiatives. If needed, we can perform remediation or risk mitigation activities such as did-do analyses.

This service can be delivered as a service, so that we take over your maintenance completely. Our services are integrated with incident management systems like ServiceNow and supported by our technology partners Soterion, Pathlock and SAP GRC technology.

BR1GHT adds value to your key GRC stakeholders within your organization

  • Audit and traceability: workflows and logging for firefighting and user/role requests
  • Reduction of costs due to the self-service portal
  • Seamless integration with BR1GHT’s “stay clean services”


  • Key IT General Controls are automated, logged and pushed to the responsible persons
  • Audit trail ensures auditability and traceability​
  • User and role certification pushed to the line managers automatically


  • The business is able to take control of its SAP authorizations due to the user-friendly user interface, workflows and self-service portals
  • Important controls are automated: user/role change requests, firefighting, password reset
  • The business directly sees the impact of role and user changes due to the simulation and SoD dashboards


  • External audit has transparency on role design and GRC ruleset configuration
  • External audit can easily benchmark with their own tool and, if needed, we can include the auditor's rules easily in Soterion because of the easy upload functionality with audit trails
  • Global standard tooling simplifies adoption by the financial auditor

Why do you want a partner to support you in SAP Security & GRC Managed Services?​

Saving costs

Reduction of Audit findings

Speed of service delivery


Continuously in control

Unused Licenses

Focus on your core business




Compliance Performance insight

Increased quality

BR1GHT is your long term GRC Partner​

“Get Clean” towards acceptable risks

BR1GHT delivers the redesign of your SAP authorizations.

This results in an improved business Segregation of Duties framework.

Revoke unused access. Implement a future-proof authorization concept, including looking at S/4HANA.

GRC Implementation

BR1GHT can implement continuous monitoring technology to identify risks, automate IT maintenance procedures (IT General Controls) and give the business user-friendly insight into the ERP risks in your landscape. We are able to do this in SAP, but also across your hybrid ERP landscape. We leverage our technology partners SAP, Soterion and Pathlock to support you.

Stay Clean as-a-service

BR1GHT delivers a “stay clean” as-a-service model to ensure that the “get clean” investments are leveraged.

With a subscription-based service model, BR1GHT is able to perform 1st, 2nd and 3rd line GRC and authorization support, provide you with relevant reports and keep your process at an acceptable risk for SAP and non-SAP environments.

BR1GHT delivers you an increase in compliance effectiveness and quality and a decrease in OPEX.

What would the service look like?

L1 activities

  • New hires, changes and leavers
  • User creation & User Unlock
  • GRC request creation​
  • Password reset​
  • Parameter maintenance​
  • System Network Communication (SNC) maintenance​
  • Low risk role assignment​
  • Developer key assignment​
  • User credentials at SAP market place​
  • GRC Reports, User simulation
  • Emergency Access Request​
  • User issues by SU53 errors​
  • Execution of periodic reviews
  • Maintenance of security settings in line with policies and procedures

L2 activities

  • BRM request in GRC​
  • SU24 maintenance​
  • Mass User & Role changes​
  • Updating FF ID owner and Controller​
  • Updating role owners​
  • Import roles in GRC AC​
  • Business Role creation​
  • Review User Segregation of Duty (SOD) Risks​
  • Ruleset Review & sensitive access
  • Project documentation​
  • Periodic SOD review and critical rights including SAP_ALL​
  • Periodic licences review​
  • Audit support*

L3 activities

  • SOD and critical access risk review
  • GRC Upgrade activities​
  • SPRO changes in GRC​
  • GRC Ruleset Review and Implementation​
  • New SAP system integration to GRC​
  • Review configuration issues in GRC and resolve​
  • Implement UAR & SOD Review configuration​
  • Design Customized workflow notifications​
  • Fiori role design​
  • GRC User training​
  • Problem Management*​
  • Project related work (on / off shore)*

Each service level includes: periodic reporting on SLA and a periodic SLA meeting.

Client case ​

BR1GHT Managed Services: Identity and access management on SAP, Active Directory and GRC at PVH

PVH is one of the most famous and largest fashion retailers globally. The Power of PVH is fueled by our people and our iconic brands: Calvin Klein, TOMMY HILFIGER, Warner’s, Olga by Warner’s, and True&Co. From their humble start in 1881 mending and selling shirts for coal miners in Pottsville, Pennsylvania, PVH has become a global powerhouse in the fashion industry.

PVH is growing rapidly, which is reflected in the IT environment with its 10.000 AD and SAP users. Because of the business growth, the IDM team is looking for opportunities to leverage a better and more efficient service, aiming to:

  1. Increase the quality of the IDM team
  2. Decrease dependency on temporary workers
  3. Be a highly effective business partner for the business
  4. Reduce the cost of IT Management
  5. Improvement, automation and standardization of the work processes
  6. Automate and reduce the efforts to ensure efficient SOX testing with no surprises
  7. Limit the risk of unauthorized access to critical systems

Let’s get digital in control together

Please contact us if we made you curious about our services and what we can do for you.

If you would like to receive news or insights, please go to our contact page.

Thank you so much for your interest in us!