See how PwC used LLMs in their SAP S/4 HANA implementation to automate enterprise role design, reduce manual mapping by weeks, improve accuracy, and drive compliance. Get AI-driven best practices, key insights, and strategies to speed up ERP role-based access and scale effectively.

In this session, you will:

• Reframe enterprise role design as a data-led governance problem. Learn how a large technology company and PwC turned raw process and requirement data into “decision-grade” role intelligence by structuring 70,000+ process items into a governed L1 to L5 BPML foundation. 
• Use LLMs to shift workshops from discovery to validation. See how evidence-linked, confidence-scored recommendations produced workshop-ready role proposals, moving stakeholder time from “what do we do?” to “is this right?” and compressing cycle time from weeks to days. 
• Scale role mapping across SAP and non-SAP with traceability. Understand a practical approach to map activities to entitlements across a heterogeneous landscape (SAP plus non-SAP) while keeping every recommendation traceable back to a source activity or requirement. 
• Strengthen governance, risk, and compliance in access management. Discover how AI-driven insights supported more consistent role definitions, improved segregation-of-duties considerations, and enhanced visibility across the access model.

Hear how Merck, a global leader in healthcare, science, and technology, has developed a cyber resilience strategy for their SAP S/4HANA Cloud environment using Zero Trust principles in the S/4HANA Private Cloud. Lessons learned emphasize collaboration, proactive security, SAP and partner technologies, user engagement, and an understanding of shared responsibilities. By attending this session, attendees will leave with ideas to strengthen their security posture and address evolving cyber threats in the SAP S/4HANA environment.

Community is a three-legged stool made up of Events, Platform, and Omnipresence (meeting members where they are). AI reshapes how people interact, but not why they gather. 
Taking place in the Brew Park during Pub Night in the Exhibit Hall, this session discusses how the SAP Community was formed, where it is now, and what its future looks like in a human-human, member-focused world. 

• AI reshapes how people interact, but not why they gather.
• As AI scales content, trust becomes the differentiator.
• The future is not AI vs humans. It’s AI accelerating connection.

SAP S/4HANA Cloud has matured significantly, yet many organizations still approach “Public vs. Private” with outdated assumptions. This session cuts through the noise to clarify what truly differentiates SAP S/4HANA Public and Private Cloud today, with a focus across functionality, extensibility, integration, and operational effectiveness. We’ll examine how SAP’s clean core strategy, innovation cycle, and industry scope shape each deployment model in practice. Attendees will gain a pragmatic view of where Public Cloud has closed historical gaps and where Private Cloud continues to offer strategic flexibility. The discussion emphasizes real decision drivers including business agility, transformation appetite, regulatory needs, and IT operating model, rather than myths rooted in ECC-era thinking. The goal is not to declare a winner, but to enable informed, confident choices aligned to business outcomes.

In this session, you will:

• Differentiate Public vs. Private Cloud beyond marketing capabilities, constraints, and trade-offs that matter in real projects.
• Identify the business and IT drivers that signal when Public Cloud is viable versus when Private Cloud is the better strategic fit.
• Evaluate clean core, extensibility, and integration options and how they impact long-term cost, upgrades, and innovation.
• Understand operational and governance implications, including release cycles, customization approaches, and compliance considerations.
• Apply a practical decision framework to guide executive conversations and roadmap planning for SAP S/4HANA adoption.

This session provides a comprehensive overview of how new version of SAP GRC for SAP HANA 1.0 operates, equipping participants with the essential knowledge to plan, implement, and optimize GRC functionalities on this new release. We will highlight new capabilities,  improvements, and discuss prerequisites, deployment considerations, and common challenges. Attendees will gain clarity on how Access Control, Process Control, and Risk Management leverage HANA’s in-memory capabilities, as well as the implications for upgrades, integrations, and future scalability. By the end of the session, participants will understand the key benefits, technical impacts, and best practices for running SAP GRC for SAP HANA 1.0.

Ask the Experts sessions provide an informal setting to connect one-on-one with subject matter experts and experienced end users on specific areas of expertise. Bring your pressing questions and be ready to discuss your key challenges and priorities.

Topics covered: SAP Access Control, SAP Cloud IAG, and SAP Security.

Ask the Experts sessions provide an informal setting to connect one-on-one with subject matter experts and experienced end users on specific areas of expertise. Bring your pressing questions and be ready to discuss your key challenges and priorities.

Topics covered: SAP S/4HANA Brownfield Upgrade Security, Fiori Security Governance, SoD-Compliant Role Design, and RISE Licensing Optimization.

Ask the Experts sessions provide an informal setting to connect one-on-one with subject matter experts and experienced end users on specific areas of expertise. Bring your pressing questions and be ready to discuss your key challenges and priorities.

Topics covered: SAP GRC, SAP Security, Segregation of Duties (SoD), user provisioning, access control and governance, corporate compliance"

Ask the Experts sessions provide an informal setting to connect one-on-one with subject matter experts and experienced end users on specific areas of expertise. Bring your pressing questions and be ready to discuss your key challenges and priorities.

Topics covered: Zero Trust, Private Cloud ERP Security aligned to SAP Shared Responsibility

Ask the Experts sessions provide an informal setting to connect one-on-one with subject matter experts and experienced end users on specific areas of expertise. Bring your pressing questions and be ready to discuss your key challenges and priorities.

Topics covered: Cybersecurity, Authentication (SSO and MFA), Threat detection, Audit and Compliance, and Patch Management.

Kick off SAPinsider 2026 with pre-conference gatherings designed to connect you with peers navigating similar priorities, decisions, and challenges. These facilitated roundtable conversations create space for candid exchange, shared experience, and practical insight in a relaxed setting before the main agenda begins. Choose a discussion aligned to your interests and walk away with fresh perspectives and new connections that set the tone for the rest of the week.

Organizations are rapidly adopting LoB cloud solutions alongside core ERP platforms, pushing Segregation of Duties (SoD) risk beyond individual systems. Without transforming controls to work across applications and moving beyond point-in-time testing, managing risk and delivering the level of visibility auditors now expect becomes increasingly difficult. Join this session to see how Continuous Controls Monitoring (CCM) transforms SoD mitigation by analyzing 100% of posted transactions across systems and automatically generating actionable exceptions for risk owners — with full transparency and an end-to-end audit trail.

In this session, you will learn how to:
Quantify Material Risk with Transactional Analysis: Move beyond theoretical "who can" access risks by analyzing 100% of posted transactions in real time.
Unify Cross-Application Visibility: Bridge the visibility gap between core ERP platforms and decentralized LoB cloud solutions by centralizing SoD controls into a single, automated platform.
Automate Audit-Ready Evidence: Eliminate manual documentation by deploying automated workflows that generate line-item level exception reports and tamper-resistant audit trails."

SAP transformations—whether migrating to SAP S/4HANA, adopting SAP BTP, or expanding cloud capabilities—introduce significant cyber risk exposure. As organizations modernize their SAP landscapes, they must navigate complex threat vectors, evolving compliance requirements, and heightened data privacy concerns. Without a robust cyber risk strategy, transformation efforts can be delayed, disrupted, or compromised. This session explores how organizations can embed cyber risk management into the heart of their SAP transformation programs. You will learn how to identify and assess SAP-specific risks, implement controls aligned to transformation milestones, and build governance models that ensure security without slowing innovation. The session will also highlight common pitfalls and lessons learned from real-world SAP transformation projects. You'll leave with actionable strategies to strengthen their security posture across SAP environments, including cloud, hybrid, and on-premise deployments.

You will learn how to:

• Identify security risks unique to SAP transformation initiatives (e.g., SAP S/4HANA, SAP BTP). 
• Integrate cybersecurity controls into SAP project governance and delivery. 
• Align cyber risk management with regulatory and data privacy requirements. 
• Apply lessons learned from real-world SAP transformation case studies.

Organizations implementing SAP face unique challenges where system readiness directly influences end-user involvement, regulatory compliance, and operational continuity. This session explores how a structured pre-implementation health check can mitigate risks and improve outcomes by identifying gaps in governance, testing, data migration, and security before go-live.

Attendees will learn how independent reviews can align stakeholders, improve outcomes, and build confidence across Business and IT leadership. Whether you're preparing for an SAP S/4HANA deployment or optimizing an existing roadmap, this session will equip you with practical strategies to reduce disruption, improve outcomes, and ensure your transformation delivers on its promise.

In this session, you will:

• Understand the unique risks and readiness challenges organizations face when implementing SAP.
• Learn how a structured pre-implementation health check can uncover gaps in governance, testing, data migration, and security.
• Explore a proven framework for assessing system readiness before go-live to reduce disruption and improve outcomes.
• Gain practical strategies to align Business and IT stakeholders and build confidence in your SAP transformation roadmap.

As organizations accelerate their SAP S/4HANA transformations, maintaining compliance across access controls, audit requirements, and stakeholder alignment becomes increasingly complex. In this session, KPMG and Chevron reveal how they successfully navigated these challenges by incorporating intelligent systems for risk identification into the digital core build process. By engaging key stakeholders—including Internal Controls, Corporate Audit, and External Audit—from the onset, the team enabled real-time coordination with the build team and proactively mitigated access and SOD risks through AI-driven insights before they could become systemic. Discover how the entity’s compliance strategy uncovered hidden risks, aligned cross-functional teams, and integrated controls throughout the transformation lifecycle. Attendees will gain practical insights into how to apply similar strategies to their own SAP initiatives.

In this session, you will:

• Integrate compliance with stakeholders including audit functions—into the build process for real-time alignment.
• Design a proactive access control strategy that prevents issues before go-live.
• Leverage cross-functional collaboration to embed compliance into every phase of SAP S/4HANA transformation.
• Apply AI techniques to identify and mitigate SOD risks early in the transformation lifecycle.

As SAP organizations adopt SAP S/4HANA and modern operating models, traditional process visibility and point-in-time controls are no longer sufficient to manage scale, complexity, and risk. Fragmented reporting, manual monitoring, and after-the-fact analysis leave teams reactive to process breakdowns, compliance issues, and performance leakage across critical end-to-end processes such as Customer-to-Cash (C2C). This session examines how enterprises are operationalizing AI-enabled process intelligence to establish continuous monitoring across SAP-centric business processes. By combining process mining with AI-enabled machine learning, organizations gain real-time insight into actual process execution, surfacing control gaps and high-risk deviations without added manual effort. Attendees will learn how this approach shifts oversight from reactive analysis to proactive, continuous governance that strengthens audit readiness and drives sustained operational improvement.

Key learning objectives:

• Learn how to design and implement continuous monitoring across end-to-end C2C processes.
• Discover how process intelligence exposes control gaps, deviations, and inefficiencies in real time.
• Understand how to operationalize ongoing process oversight without increasing manual workload.
• Explore how organizations can move from reactive controls to proactive compliance and performance management.

As Jabil’s global SAP landscape expanded, the company faced a pressing need to modernize access governance and transform SOX compliance from reactive to strategic. With millions of SAP transactions occurring daily, identifying true segregation of duties (SoD) violations through manual, consultant-driven processes became costly and unsustainable. Jabil replaced this approach by automating transaction-based SoD monitoring and quantifying access risk to isolate real exceptions from theoretical violations. In this session, Susan Zortea, Jabil’s Global Governance Lead, will share real-world insights into how Jabil migrated to a cloud-based Continuous Controls Monitoring (CCM) platform to strengthen governance, improve compliance, and drive operational efficiency.

In this session, you will learn how to:

• Automate Transaction-Based Monitorin: Replace manual, sample-based audits with Continuous Controls Monitoring (CCM) to analyze 100% of SAP transactions in real-time.
• Isolate Actual Risk: Use data-driven insights to distinguish between "theoretical" access risks and "real-world" violations to focus remediation on verified threats.
• Quantify Financial Exposure: Transition from qualitative risk labels to quantifying the financial impact of access violations to prioritize high-value governance gaps.

ERP modernizations fueled by SAP S/4HANA migrations, cloud adoption, and hybrid strategies often uncover access risks that threaten compliance, security, and project timelines across the full SAP ecosystem and beyond. This session showcases authentic customer success stories illustrating how Saviynt Application Access Governance (AAG) along with Accenture's expertise delivers unified protection and accelerates transformations across the enterprise.
 
You will learn how to:

• Assess access governance solutions to address risks in dynamic ERP modernization efforts spanning SAP and non-SAP applications.
• Apply AI-powered modern tools to proactively detect, visualize, and resolve risks across diverse landscapes.
• Execute smooth migrations and capture measurable value through effective partner implementations.

Functions that once operated independently, Finance, Tax, and GRC, are now collaborating to meet the demands of real-time compliance, automation, and strategic insight. AI and digital transformation are driving this convergence, creating shared workflows and integrated controls across the enterprise. In this power session, we’ll highlight real-world use cases where these functions are coming together to improve efficiency, reduce risk, and deliver business value.

Join this session to learn how to:

• Identify key drivers behind the convergence of Finance, Tax, and GRC functions.
• Explain how AI and automation enable cross-functional collaboration and shared workflows.
• Analyze real-world use cases where integrated processes improve compliance and efficiency.
• Evaluate strategies for breaking down silos, building a unified governance, and reporting framework.

BridgeBio, a leading biotech innovator, transformed its access governance framework by implementing SAP Cloud Identity Access Governance (IAG) in a highly regulated, GxP-compliant environment. This session explores how the organization aligned business requirements with IAG’s capabilities to streamline access management, enhance security, and meet stringent compliance standards. Discover how BridgeBio approached the complexities of GxP validation while deploying key IAG modules including Access Analysis, Privileged Access Management, Access Request, and Access Certification. The session will highlight how the team navigated regulatory challenges, automated critical processes, and built a scalable governance model that supports both operational efficiency and audit readiness. 

You will learn:

• How BridgeBio simplified access governance using SAP IAG to strengthen security and streamline operations.
• Key strategies for navigating GxP validation requirements in a regulated environment.
• How automation of access provisioning and certification improved compliance and reduced manual effort.
• Lessons learned from BridgeBio’s implementation journey to inform future access governance initiatives.

Effective access governance is essential for balancing security, compliance, and agility in today’s fast-paced digital landscape. This session will showcase how SAP Cloud Identity Access Governance (IAG) and SAP Access Control are leveraging AI-powered innovations to enable intelligent, adaptive access management at scale. We'll explore how seamless integration with partner technologies, such as Microsoft Entra, helps build a unified, scalable access governance framework across hybrid and multi-cloud environments. Attendees will gain practical insights into implementing AI capabilities that enhance risk detection, automate access certifications, and streamline compliance processes. Through a strategic deep dive, we’ll demonstrate how these solutions evolve with your business, empowering teams to proactively address access risks and build a future-ready governance strategy. Join us to see how SAP and its partners are redefining access governance for a dynamic, risk-aware world.

As enterprises accelerate adoption of SAP S/4HANA Cloud, Ariba, and SuccessFactors, the complexity of managing cybersecurity, risk, and compliance across this fragmented ecosystem increases dramatically. This workshop provides a deep dive into how to operationalize the Shared Responsibility Model (SRM) across SAP cloud platforms. Attendees will be guided through a structured methodology to clarify ownership boundaries, embed security and compliance into SAP programs, and define a unified governance model. Interactive exercises and real-world case studies will equip participants with practical tools to identify control gaps, align cyber strategies with enterprise risk frameworks, and drive compliance across hybrid SAP environments. This session is designed for security, risk, and IT executives who want to go beyond theory and return with a blueprint ready to apply across their SAP cloud landscape.

You will learn how to:

• Apply the Shared Responsibility Model to SAP cloud applications to clarify ownership and reduce risk. 
• Design a unified cyber, risk, and compliance strategy across SAP S/4HANA Cloud, Ariba, SuccessFactors, and more. 
• Identify control gaps and implement governance models that scale across hybrid SAP environments. 
• Align SAP cloud security operations with enterprise risk frameworks and regulatory expectations.

Note: This lab session includes laptops for attendee use, available on a first-come, first-served basis. 
You are welcome to bring your own device if preferred. Power is available at the tables. Please connect to the secure event Wi-Fi and test your browser before the session begins.
 

This hands-on lab explores a modern enterprise IAM (Intelligent Access Management) scenario spanning complex SAP and non-SAP landscapes. Participants will work through an identity lifecycle in which Microsoft Entra, ROI iAM running on SAP BTP, and SAP GRC Access Control are used together to provision access to Salesforce, from user creation and automated provisioning to AI-driven access requests and traceability across systems.

By attending, participants will learn how to:

• Enable Microsoft Entra to act as a central IAM for SAP and non-SAP applications.
• Create users in Microsoft Entra to trigger automated provisioning to SAP BTP applications.
• Configure identity lifecycle steps using ROI iAM as an access management accelerator for Entra.
• Submit self-service access requests for Salesforce using natural language with SAP Joule.
• Execute risk evaluation for non-SAP permissions using SAP GRC Access Control and review end-to-end traceability in Microsoft Entra and SAP Joule.

Capacity is limited to 50 participants. If the lab is full, please join the waitlist. Pre-registered attendees should arrive at least 10 minutes before the session to claim their seat. To ensure an on-time start, any unclaimed seats will be released to waitlisted attendees 5 minutes before the session begins. If you’ve preregistered and later decide not to attend, please remove the session from your agenda in the event app so your spot can be offered to the waitlist. Waitlisted attendees should monitor the event app on the day of the lab and be prepared to proceed to the room quickly if space becomes available. Note: To receive waitlist updates, be sure to enable networking and allow push notifications in the app.

Note: This lab session includes laptops for attendee use, available on a first-come, first-served basis. 
You are welcome to bring your own device if preferred. Power is available at the tables. Please connect to the secure event Wi-Fi and test your browser before the session begins.

This hands-on lab explores a modern enterprise IAM (Intelligent Access Management) scenario spanning complex SAP and non-SAP landscapes. Participants will work through an identity lifecycle in which Microsoft Entra, ROI iAM running on SAP BTP, and SAP GRC Access Control are used together to provision access to Salesforce, from user creation and automated provisioning to AI-driven access requests and traceability across systems.

By attending, participants will learn how to:

• Enable Microsoft Entra to act as a central IAM for SAP and non-SAP applications.
• Create users in Microsoft Entra to trigger automated provisioning to SAP BTP applications.
• Configure identity lifecycle steps using ROI iAM as an access management accelerator for Entra.
• Submit self-service access requests for Salesforce using natural language with SAP Joule.
• Execute risk evaluation for non-SAP permissions using SAP GRC Access Control and review end-to-end traceability in Microsoft Entra and SAP Joule.

Capacity is limited to 50 participants. If the lab is full, please join the waitlist. Pre-registered attendees should arrive at least 10 minutes before the session to claim their seat. To ensure an on-time start, any unclaimed seats will be released to waitlisted attendees 5 minutes before the session begins. If you’ve preregistered and later decide not to attend, please remove the session from your agenda in the event app so your spot can be offered to the waitlist. Waitlisted attendees should monitor the event app on the day of the lab and be prepared to proceed to the room quickly if space becomes available. Note: To receive waitlist updates, be sure to enable networking and allow push notifications in the app.

Upgrading to SAP S/4HANA presents a unique opportunity to address long-standing segregation of duties (SoD) and compliance challenges—but timing matters. This session explores how a global organization evaluated whether to redesign roles in ECC prior to migration or modernize during the SAP S/4HANA transition. Attendees will hear practical considerations, tradeoffs, and lessons learned from each approach, and how those decisions impacted security, controls, and project outcomes. The discussion offers guidance for organizations balancing speed, risk, and compliance during SAP S/4HANA programs.

Moving to S/4HANA, adopting RISE with SAP, or replacing SAP IDM or GRC? Modernization is your opportunity to rethink access governance. Visit the Saviynt booth to see how Saviynt delivers modern AI powered Application Access Governance built for today’s SAP landscape.  

Learn how to:

• Modernize governance for SAP applications.
• Prevent SoD risks before they become audit findings.
• Simplify emergency access and activities.
• Automate compliance reporting.
• Extend governance to non-SAP applications in a single unified platform.

This SAP GRC for SAP HANA 1.0 Roadmap Session will provide a forward-looking view of SAP’s evolving Governance, Risk, and Compliance portfolio as organizations face rising regulatory complexity and digital risk. The session highlights key innovations across Access Control, Process Control, Risk Management, and Audit Management, with emphasis on cloud transformation, AI-enabled capabilities, and tighter integration with SAP ecosystem. Attendees will learn what’s coming in SAP’s roadmap, how it impacts current landscapes, and the practical steps needed to modernize GRC processes. Participants will leave with clarity on future direction and actionable guidance to prepare for the next generation of intelligent, connected GRC.

At some point, your SAP system may face an audit. This session explores what an audit might entail, how to prepare, and what separates a smooth audit from a painful one. Learn about different types of auditors, the focus of various SAP assessments, and why these distinctions matter. Gain insights into key areas including security, basis configurations, change control and transports, configurable controls, and reports through the lens of common questions and potential audit risks. Walk away with actionable steps to prepare, from obtaining an update on prior findings and gathering typical audit evidence, to coaching your team on how to effectively work with an auditor. Whether you are managing an SAP system under audit or you are an auditor yourself, this session provides valuable information to take the stress out of an audit.
 
You will:

• Understand the types of auditors and SAP audits and how each impacts what you are being asked.
• Review common areas of audit focus when your SAP system is in scope.
• Learn the dos and don’ts of working with auditors.
• Receive a checklist of tips for preparing your SAP system and your people for an audit.

SAP Cloud Identity Services are central to modern SAP landscapes - but many programs struggle with where IAS/IPS fit, how trust is established, and how SAP BTP security concepts translate into real configuration decisions. This session will clarify the positioning of Identity Authentication Service (IAS), Identity Provisioning Service (IPS), and related components, then connect those fundamentals to SAP BTP security essentials. You will see live demonstrations of common trust setups, group management patterns, authentication options, and a first IPS integration scenario. Take-home exercises will help you replicate the configurations later in your own environment.

By the end of this session, participants will be able to:

• Explain the purpose and positioning of SAP Cloud Identity Services (IAS/IPS) within SAP’s IAM landscape.
• Describe core SAP BTP security constructs (global account, directories, subaccounts, entitlements, role collections).
• Establish and validate trust relationships between IAS and SAP target systems (and common SAP cloud services).
• Configure IPS connectivity patterns (cloud and on-premise via proxy) and understand typical integration flows.

Explore the details of functionality, differentiators, and important platform aspects in the latest SAP GRC On Premise and Cloud provisioning and compliance solutions. Gain detailed insights into the SAP Compliance applications of SAP GRC Access Control 12.0 and SAP Cloud Identity Access Governance and consider which application, platform, and functionality is best for current and long term compliance and provisioning requirements.

You will:

• Learn about the GRC evolution and why it is important to progress and plan ahead. 
• Discover how to identify where you are on the evolution roadmap, define where you want to be, and what it takes to get there through time and effort estimates. 
• Learn about SAP GRC application functionality through the lens of real customer examples of success and pitfalls at different stages of the GRC evolution.

In many companies, the security team is often the last to be notified about user on-boarding, off-boarding, or position changes that require adjustments to users' system access and security permission levels. These delays, coupled with high volumes of manual provisioning tasks, create significant inefficiencies, leave employees without the necessary access, and introduce risky Segregation of Duty -conflicting permissions.  This session explores how SAP GRC Access Control HR Triggers, alongside SAP SuccessFactors or SAP HR streamlines provisioning through timely event-driven automation of the access request and provision process and how to leverage HR Triggers day-to-day SAP Security provisioning operations.

You will:

• Examine key SAP access provisioning challenges when HR-driven events are not integrated, including inefficiencies, security risks, and high-volume manual workloads.
• Explore SAP GRC Access Control 12.0 and SAP Cloud IAG HR Trigger capabilities for automating provisioning through HR event–based actions integrated with SAP SuccessFactors or SAP HR.
• Analyze how Arizona’s Salt River Project implemented SAP GRC HR Triggers to enable consistent, timely, HR-driven SAP access provisioning.
• Highlight key customer and consulting partner insights, including recommendations, challenges, and pitfalls to avoid for a successful and value-driven SAP GRC HR Trigger implementation.

SAP IAG Bridge enables organizations to bridge governance processes and content between SAP Access Control (GRC) and cloud/hybrid landscapes using SAP Cloud Identity Access Governance (IAG). This instructor-led session focuses on practical coexistence and phased modernization patterns: establishing the bridge architecture, configuring connectivity to target systems, synchronizing identities and repository objects, and implementing access request patterns that work across on-prem and cloud. You will see guided demonstrations of bridge-relevant configuration concepts such as integration touchpoints (including identity and provisioning patterns commonly used with IAS/IPS), request lifecycle and workflow routing considerations in hybrid environments, and approaches for aligning controls and audit evidence across tools. The session concludes with a practical view and will be supported by take-home exercises.

By the end of this session, participants will be able to:

• Explain SAP IAG Bridge architecture and positioning relative to SAP Access Control (GRC) in hybrid/cloud scenarios.
• Identify key integration touchpoints for bridging (including identity and provisioning patterns commonly used with IAS/IPS).
• Configure foundational connectivity and repository synchronization needed to support hybrid governance (identities, entitlements, and role structures).
• Demonstrate access request and workflow patterns suited for coexistence (routing, custom fields, and lifecycle visibility).
• Describe practical approaches to controls alignment (e.g., SoD ruleset) and audit-friendly evidence across GRC and IAG.
• Describe how IAG supports periodic reviews within a bridge operating model at a high level.

Governance, Risk, and Compliance (GRC) functions are under pressure to adapt to a rapidly changing regulatory landscape while managing complex SAP environments. AI and automation are transforming what organizations must look for and do to lower risk, strengthen controls, and enable predictive compliance. This session explores findings from SAPinsider’s State of the Market: GRC Report, looking at how organizations in SAP environments are leveraging intelligent technologies to modernize governance frameworks, automate compliance, and proactively manage risk.

Join this session to learn how to:

• Apply insights about the AI revolution in GRC to your own strategic roadmap.
• Identify key trends in AI adoption for GRC processes within SAP environments.
• Explain how AI-driven tools enhance risk management and predictive analytics.
• Describe best practices for automating governance and compliance workflows.
• Analyze strategies for implementing continuous controls monitoring and SoD management using intelligent technologies.
• Evaluate the impact of AI on audit readiness and regulatory compliance.
• Develop an action plan to prioritize AI and automation initiatives for GRC transformation.

Jabil successfully migrated its Access Violation Management (AVM) solution to the latest AVM Cloud platform, enabling standardized and scalable governance across multiple global SAP S/4HANA systems. This session explores how the organization executed this transformation to support continuous controls monitoring across its diverse manufacturing subsidiaries.

Attendees will learn how Jabil approached the migration with a focus on planning, risk management, and adaptability to regional operational needs. The session will highlight how the new cloud-based AVM solution improved governance frameworks, enhanced compliance, and delivered operational efficiencies. Real-world insights will be shared on how the team overcame challenges during the transition and leveraged advanced analytics to support better decision-making across business units.

In this session, you will learn:

• How to plan and execute a multi-system AVM Cloud migration with effective risk management.
• Key challenges and solutions for deploying AVM across diverse global manufacturing operations.
• How the cloud-based AVM platform improved governance, compliance, and continuous monitoring.
• Ways to leverage AVM analytics to drive operational efficiency and informed decision-making.

Lucid Motors, a fast-growing electric vehicle manufacturer, faced increasing complexity in its SAP security landscape as it scaled operations. To address challenges in compliance and efficiencies in role management and user provisioning, the company launched a strategic initiative to modernize its SAP security framework using automation and AI.

Join this session to explore how Lucid Motors accelerated its SAP security transformation by integrating advanced technologies and fostering cross-functional collaboration. You will learn how the team used GPT-based tools and automated data analyzers to streamline role placement and user mapping, while automated testing tools reduced cycle times and improved accuracy. The session will also highlight the importance of alignment between project management, IT, business stakeholders, and internal audit to ensure compliance and scalability. Lucid’s experience offers practical strategies for building a future-ready SAP security model that supports both current operations and long-term growth.

You will learn:

• How to integrate AI-driven tools into SAP security workflows to accelerate role design and validation.
• Techniques for fostering cross-functional accountability and compliance alignment across project teams.
• Best practices for implementing automated testing to reduce errors and streamline cutover.
• Approaches to building scalable governance frameworks that support long-term adaptability.

Ensuring your SAP S/4HANA system is still secure and compliant with your licensing agreements after a brownfield upgrade can be a challenge. While the introduction of Fiori can be a tremendous UI improvement for end users, an uncontrolled introduction of Fiori functions can lead to a nightmare of unauthorized access and SOD violations. Join this session to gain insight into a holistic approach to securing a brownfield SAP S/4HANA upgrade using GRC Access Control to maximize compliance while minimizing effort and RISE license costs.

In this session, you will learn how to:
Reengineer granular, SOD-compliant security roles to simplify the upgrade process.
Harmonize Fiori catalogs with security in a holistic approach to reduce work significantly.
Optimize RISE license fees as part of the reengineering."

Are you ready to elevate your SAP security expertise? Join us for an immersive and interactive SAP Security Game, crafted to simulate real-world security challenges faced by organizations—with brand new use cases! Participants will navigate various scenarios designed not only to test but also to enhance their strategic and technical expertise in SAP security. This active session offers an invaluable opportunity to enhance your skills in security planning, compliance management, and breach response while promoting collaboration and learning in a supportive and competitive setting. Throughout the workshop, we will engage with three critical topics including preventative security control implementation, compliance request/audit handling, and security breach response. 

You will: 

• Learn to develop and implement robust security controls to safeguard your SAP environment. 
• Gain experience in efficiently managing and responding to compliance requests and audits with precision. 
• Practice responding swiftly and decisively to a simulated security breach, aiming to minimize damage and ensure business continuity.

Organizations face increasing pressure to meet stringent data sovereignty requirements while continuing to innovate and operate efficiently.  This session proposes a transformative approach to GRC by unifying applications, data, and artificial intelligence within a cohesive, sovereignty-aware architecture. By integrating advanced data management capabilities and intelligent automation, enterprises can achieve real-time visibility, consistent compliance enforcement, and auditable decision-making across the entire data lifecycle. AI-powered analytics further enhance risk detection, streamline reporting, and enable proactive governance while ensuring that sensitive information remains within required geographical and jurisdictional boundaries. This integrated model not only strengthens regulatory compliance and reduces operational risk but also unlocks new opportunities for strategic value creation, positioning organizations to operate confidently in an increasingly complex global regulatory landscape.

Note: This lab session is BYOD (bring your own device). A limited number of devices may be available to borrow if needed.
Power is available at the tables. Please connect to the secure event Wi-Fi and test your browser before the session begins.

Join us for an interactive hands-on lab where you'll explore the most in-demand capabilities of SAP Cloud Identity Access Governance (IAG) from intuitive role design to automated access requests and intelligent access reviews. This session will guide you through how IAG integrates seamlessly with SAP Cloud Identity Services, creating a unified identity lifecycle across your enterprise landscape. You’ll learn how to extend IAG to support key business applications, both within and beyond the SAP ecosystem, enabling centralized policy enforcement and risk analysis. Experience firsthand how to configure critical features like access risk analysis, role provisioning, and cross-system workflows, all while using real-world scenarios that mirror today’s governance challenges. By the end of this session, you’ll walk away with actionable best practices for optimizing access governance in a hybrid environment, strategies to scale IAG adoption effectively, and insights into building a future-proof, intelligent governance model.

Capacity is limited to 50 participants. If the lab is full, please join the waitlist. Pre-registered attendees should arrive at least 10 minutes before the session to claim their seat. To ensure an on-time start, any unclaimed seats will be released to waitlisted attendees 5 minutes before the session begins. If you’ve preregistered and later decide not to attend, please remove the session from your agenda in the event app so your spot can be offered to the waitlist. Waitlisted attendees should monitor the event app on the day of the lab and be prepared to proceed to the room quickly if space becomes available. Note: To receive waitlist updates, be sure to enable networking and allow push notifications in the app.