IAG 2023_10_31 : Recap IAS & Introduction IAG

https://www.youtube.com/watch?v=LLZDkt5QcKY

Summary

TL;DR — This video introduces SAP's Cloud Identity Access Governance (IAG) solution, explaining its role in managing cloud-based identity and access. It contrasts IAG with the on-premise SAP GRC Access Control, highlighting IAG's cloud-native design, its integration capabilities with various SAP cloud and on-premise systems, and its core services like risk analysis, role design, access requests, and access certification.

Key points

• SAP Cloud Identity Access Governance (IAG) is a cloud-native solution built on the BTP platform, designed to streamline compliance and access management for cloud environments.

• IAG complements, rather than replaces, on-premise GRC Access Control, offering a parallel solution for cloud customers.

• Core IAG services include Access Analysis (risk analysis at user level), Role Design (for business roles), Access Request (workflow-driven provisioning), and Access Certification (user access reviews).

• While IAG offers a modern UI and streamlined setup (around 5 minutes), it has limitations compared to GRC Access Control, such as fewer workflow stages, no custom rule creation, and user-level risk analysis.

• IAG integrates with various SAP cloud solutions (like SuccessFactors, Ariba, Fieldglass) and on-premise systems (like S/4HANA) via BTP and cloud connectors, though direct provisioning to BTP sub-accounts is not its primary function.

Takeaway — SAP Cloud IAG is SAP's modern, cloud-first approach to identity and access governance, offering essential GRC functionalities with a focus on cloud integration and user experience, despite current limitations compared to its on-premise predecessor.