AI capabilities, including SAP Joule, are being activated alongside SAP S/4HANA migrations, not after them. That means organizations need a governance framework for AI-driven processes in place before go-live, not as a follow-on initiative. This session addresses how to assess and control the risks that AI introduces into SAP workflows during migration and early operations, when control environments are already under pressure from transformation itself.  

Key Learning Objectives: 

• Understand how AI tools embedded in SAP S/4HANA, including Joule, interact with access controls, SoD rules, and approval workflows, and where migration creates new exposure 
• Learn how to extend your migration-phase control framework to cover AI-assisted transactions, non-human identities, and automated decision-making 
• Leave with a risk assessment approach for AI use cases in SAP S/4HANA that can be embedded into your migration workstream rather than addressed after go-live 

Managing identities and access remains an ongoing challenge for customers, and operating in a hybrid landscape requires an integrated approach to provide a seamless user experience while ensuring security and compliance.  

Key Objectives:

• Understand challenges in managing identities and access in a hybrid landscape, including architecture requirements to consider in adopting AI
• Learn about the portfolio and reference architecture of identity and access solutions from SAP
• Hear about considerations for integrating into your broader enterprise identity strategy

Get hands-on with SAP Cloud Identity Access Governance (IAG) and learn how to design roles, automate access, and enforce risk-aware policies alongside your shift to Cloud ERP.  

Key Learning Objectives:

• How to streamline role design, access requests, and reviews using IAG + SAP Cloud Identity Services
• How to extend governance across hybrid landscapes with centralized risk analysis and policy enforcement
• Practical strategies to scale IAG adoption and build a future-ready access governance model

SAP S/4HANA migration is the right moment to rethink how controls are monitored, because the environment you are moving into is faster, more automated, and more integrated than what you are leaving behind. Quarterly sampling and manual reviews were designed for a slower system landscape; they will not keep pace with the transaction volumes and integration complexity of a live SAP S/4HANA environment. This session shows how to use migration as the opportunity to build continuous controls monitoring into your target operating model from the start.  

Key Learning Objectives: 

• Understand why SAP S/4HANA's speed, automation, and integration complexity make continuous monitoring a necessity rather than a best practice for post-migration operations 
• Learn how to scope a CCM program during migration planning, identifying the highest-risk financial and access controls to automate first 
• Walk away with a phased approach for moving from periodic audit cycles to real-time control visibility that is operational from day one of go-live 

Moving to the cloud introduces a new paradigm of shared responsibilities between cloud service providers (CSPs) and their customers. This shift requires a reevaluation of traditional internal controls and audit practices, and a deeper understanding of the delineation of responsibilities to ensure data integrity, security, and compliance.  

Key Learning Objectives:

• Learn about the differences in responsibility across various cloud service models (IaaS, PaaS, SaaS)
• Understand the impact on security practices, compliance considerations and internal controls
• Hear best practices for collaborating with your cloud service providers, and where you can find the information you need as you evaluate the impact on your internal controls environment.

Bring your toughest questions on access, controls, audit readiness, and accountability in cloud-based SAP environments. This roundtable gives security, GRC, and controls leaders a forum to pressure-test current approaches, surface blind spots, and discuss where responsibility should sit across SAP, hyperscalers, system integrators, IT, and the business. Participants will come away with peer-tested ideas for strengthening control coverage and reducing risk as SAP landscapes become more connected and automated.

One of the most common and costly surprises in SAP S/4HANA migration is discovering that the SoD framework built for SAP ECC no longer works. Fiori apps, flexible approval workflows, and a restructured authorization model create entirely new risk combinations, and most organizations don't find the gaps until post-go-live, when auditors do. Before your migration moves further, gain a clear picture of what breaks, why it breaks, and what to redesign early in your migration planning.   

Key Learning Objectives: 

• Understand the specific technical and business changes in SAP S/4HANA that invalidate ECC-era SoD matrices 
• Learn how to identify new SAP S/4HANA risk combinations that require new rules and role design 
• Leave with a practical approach for rebuilding your SoD matrix as part of migration planning, not as a post-go-live remediation effort