SAP Security roles and GRC Automations

Rahulsfaze · 3 weeks ago

Just an wild though why can't we integrate AI Agents , LLMs like Joule or Claude and use HITL(Human in the loop) into SAP Security and GRC module to assign the role automatically via one chat bot or any tool that will specifically solve the regular case of sending mails to security people to get access in some particular systems (DEV, QA, PROD) and waiting for approval from security admin which takes some time more than a week to get all the access and role assigned .Just these approvals and the flow can be managed via the tools where after the validation for a particular request user whether HE/SHE is a developer or a Functional consultant or a business user. and the user can mention a reference user and the Agents just check which roles are assigned to the reference user and copy the same to the new user .We can create a BRF+ rule and maintained the decision table to handle the filtration logic and the AGENTS can do the manual work and send a confirmation mail to the Security Admin to validate before giving final role assignment into Production.

Mark Manders · 3 weeks ago

You are a ServiceNow Employee. Shouldn't this be an internal question? Or shouldn't this just be created?

Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

Rahulsfaze · a week ago

But the only issue with such kind of automation is that there is always a risk of mismatch Roles assignation in Production environment and Security Admin might not accept these kind of total automation even though there are Human in the process for final approval but when it comes to multiple user data creation there always be more validation required manually just to verify if everything is correct or not.