The global and independent platform for the SAP community.

Data protection and compliance synchronized

Data protection and compliance - these two topics are currently dominating one of the many debates about SAP applications. They are not only a major topic within the company, but also a central yardstick in the annual audit.
Bernd Israel, Sivis
March 13, 2019
Data protection and compliance synchronized
This text has been automatically translated from German to English.

Reconciling the two is like synchronizing two gears of different sizes, where one is supposed to mesh with the other. To elegantly dovetail data protection and compliance, the software company Sivis from Karlsruhe, Germany, has developed modular software.

The Compliance Manager has been around for some time now. It not only checks the set authorizations in real time, but also checks them for weaknesses, risks and violations of laws and regulations similar to the DSGVO before they go live. In addition to checking critical activities and authorization combinations, system parameters are also scrutinized.

"With the Compliance Manager, you have a clear overview of your authorization concept at all times. In addition, there are solution suggestions for quickly correcting conflicts. And an audit with relevant security queries. Extensive evaluation options are also included."

describes Sivis CEO Kai Bounin the finesse of the manager solution.

And for those in a hurry, there is the Compliance Reference Manager, which already contains a best-practice set of over 500 rules and is continuously expanded and updated. The strengths of this solution also include a field-tested selection for online and offline audit runs.

350 critical combinations from 150 critical activities provide delight for both internal auditors and auditors. Of course, the Compliance Reference Manager is adaptable to individual requirements.

Since May 2018, the European Union's General Data Protection Regulation (GDPR) has governed the processing of personal data by private companies and public bodies.

Bernd Israel

This is intended to protect personal data within the EU and at the same time regulate the free movement of data within the single market. Since then, companies have also had to handle personal data in accordance with the rules - otherwise they face severe fines.

What does an entrepreneur really need to do to comply? Secure the rights of customers and their customers. These include the right to information, the right to erasure, the right to rectification and the right to object.

With the data protection cockpit, all information stored in the Sivis Suite for a user is available at the push of a button. Changes or deletions can thus be made from a central location.

"However, personal data cannot always be deleted, as a reference might be lost and thus the data model would be broken. In these special tables, the data is anonymized, so that it is no longer possible to draw conclusions about this person."

explains the programmer responsible, Daniel Heimburger. The data protection cockpit is now an integral part of the Sivis suite.

"Our solutions can of course do both: ERP and S/4 Hana. When switching software without any problems, all functionalities are of course retained"

says Vladimir Kornyushkin, head of programming.

Management 1902 Chart

Audit-compliant SAP documentation

The Concept Manager for audit-proof SAP documentation has been available since last October. It provides automated naming conventions, connected target systems and customized concept reports in PDF format in real time and without media breaks.

With its help, internal and external auditors can quickly gain a complete overview of a company's authorization concept. In times of the DSGVO, this audit-proof SAP documentation is a market advantage that should not be underestimated and also gladdens the auditor's heart.

With the help of the Concept Manager, you can get an overview of the authorization concept - from the administrator to the specialist department to the internal or external auditors.

If desired, tables can be shown or hidden. Of course, the solution can also be configured individually. Or when it comes to shortening the training period for new employees from support or other departments.

The Concept Manager can do much more thanks to a ready-made template with logging system configurations. This can be downloaded initially and, for example, filled with the company's own best practice content.

Sivis has a great deal of practical knowledge when it comes to synchronizing complex processes related to authorization management.

Bernd Israel, Sivis

Formerly Head of Point of Business at T-Systems Switzerland, Bernd Israel is now Managing Director of Sivis.

Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork. All information about the event can be found here:

SAP Competence Center Summit 2024


Event Room, FourSide Hotel Salzburg,
At the exhibition center 2,
A-5020 Salzburg

Event date

June 5 and 6, 2024

Regular ticket:

€ 590 excl. VAT


Event Room, Hotel Hilton Heidelberg,
Kurfürstenanlage 1,
69115 Heidelberg

Event date

28 and 29 February 2024


Regular ticket
EUR 590 excl. VAT
The organizer is the E3 magazine of the publishing house AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes the attendance of all lectures of the Steampunk and BTP Summit 2024, the visit of the exhibition area, the participation in the evening event as well as the catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due time.