We are looking to onboard an experienced SAP GRC Consultant to conduct an investigation into the SAP Access Controls applications for a large, well-known UK firm. The Consultant will be required to produce a comprehensive report detailing the current usage and configuration, recommendations and a costed implementation plan to achieve full functionality of all modules across eligible SAP systems. This is a contract position outside IR35. The duration of the engagement is likely to be c.3 months with the possibility of follow-on work on the subsequent implementation of recommendations/plan following delivery of the report. We are working on the basis that this will be a remote-based position so we can consider indivduals located anywhere in the UK, though it may be helpful if someone has the ability to work on-site on an occasional basis if needed. Role Objective The SAP GRC Consultant will be responsible for producing a report that: 1.Demonstrates that a full analysis has been undertaken to understand the firms current use of SAP Access Controls 2.Identifies all gaps between the firms current use and full utilisation of SAP Access Controls 3.Defines all actions that are required to bring SAP Access Conrols up to full health and utilisation 4.Incorporates a fully costed plan, including timescales, to address points 2 and 3 Respsonsibilities Analyse the current state of SAP Access Control modules (e.g. Access Risk Analysis, Emergency Access Management). Identify gaps in configuration and functionality Assess user access roles and identify potential security risks Develop best practice recommendations that optimise the use of SAP Access Control modules, while ensuring compliance with internal policies and regulatory requirements Produce a costed implementation plan including milestones, dependencies and risks, including estimated costs (licencising, configuration, integration, training etc.) Compile findings, recommendations and plans into a comprehensive final report Key Requirements Expert understanding of SAPs Access Control suite of applications Good knowlegde of SAP GRC modules and in SAP role design and segregation of duties (SoD) Strong analytical skills and understanding of business process Understanding of risk assessment methodologies Ability to manage timelines and stakeholder communications Solid project experience, including ideally in project costing and planning Preferably some knowledge around SAP licensing and implementation costs ADZN1_UKTJ