VASPP helps Fortune 200 companies increase efficiency and cut costs by simplifying SAP. We design, build and maintain tailor made SAP Fiori solutions that reflect your business' needs and processes. Recent satisfied clients include Veolia, Plastic Omnium, Lesaffre, Swiss Life and Total.If you are interested in simplifying the use of SAP within your company please send me a message on Linkedin to arrange a free strategy consultation.

Review GRC processesEnhance control improvementsInitiate Risk AssessmentsAnimate GRC & Internal Control workshops

Delivering Warehouse Management Application on SAP FIORI. The SAP FIORI application have been delivered with the PoC scope :=> Goods Receipt - Movement type (101/103 & 105)=> Goods Returns=> Goods issue=> Inventory Count=> Inventory First & Second=> Print label

Main Phases :1- GRC Migrationa) GRC AC 5.2 to GRC AC 10.0b) Decentralization implementation for EAM (FF)c) Deployment and trainingd) Continuous GRC assistance and support2- PO (Auto-Exterior) : a) Access Risk Analysis deploymentb) Access Request Management (formerly CUP) -: Successful Pilot & Training)-----------------------------------------------------------------------------------------------------------------------------------o Guiding technical/functional requirements for Business Object GRC 10.0 Upgrade from CC 5.2o Installation assistance on SOLMAN Dev & Prodo Delivering workshops to discuss GRC functionalitieso Addressing Security and Authorization challenges Hiring & Retiring user procedure Authorization Role Matrix Transactions & Critical Authorization Objects Best Practice and authorization recommendationso Internal Control presentation – What is/Why GRC ?o Design GRC landscape as per customer needso Starting GRC CC 5.2 migration to GRC AC 10.0 / Converting SoD Rule Matrixo Importing Control Matrix / Batch synchronizationo Testing Risk Analysis & Populating Dashboardso Delivering Authorization remediation plan / Cleaning-up Roles & Userso Building new roles (compliant) / Implemented new business blueprint practice – Master & Derived roles for the several divisiono Integrating the CUA with the GR Access Control “Access Request Management” CUP tool

o Reviewing and re-defining the KPI Dashboard business requirementso Collaboration with the customer and the internal and external SAP Expertso Organization of meetings and workshops with SAP Experts and Business Roadmap SAP Program directors (SAP HANA, SAP UI5, FIORI, SAP-UX )o Starting new design approach with customer Aramco for the CEO Dashboarda- WireFrame& Storyboardb- New Design proposal on Landing page, Graphs, Interaction screens and analysis viewo Driver tree implementation based on UI5 to perform forecasts and financial simulation toolo initiate comparison between the current Driver tree based on SAP Business Objecto Facilitate communication between the several on-site teams, and customer in Saudi Arabiao Daily Scrums reportso Managing technical SAP UI5, HTML5 and CS3 teamo Solution architecture : SAP BI, BPC and NW Gateway o Integration of BI & BPC data flow with front-end (data binding)

1 -- Management achievements Performing a formal high level SAP GRC Solution presentation in front of the European Business Directors and the Internal control departement Launching the SAP GRC project (kick-off) with a defined roadmap Undertaking tasks as directed by management once we received new guidelines Liaising with business process analyst users to manage expectations, resolve issues and ensure the project remains focused on the defined delivery and scope. Ensuring that all specified business needs are addressed as part of the SAP GRC solution (scope as part of the 1st phase : Finance, P2P & Order2Cash) Delevering SAP ISU & IS OIL Matrix (not supplied by SAP)SAP FI : AP, AR & CA (Invoice, Paiement & Credit Note Management)SAP : MM & SRM (Vendors' Management Vs PO & GR processes)SAP : ISU & SD (Clients' Data Managmt Vs Invoice & Reimbursement processes)Ensuring that business requirements have been properly captured and documented. Coordinating internal and external project resources for key project deliverables including technical design requirements 2 -- Technical achievements Assist the SAP technical during the SAP GRC implementation phase Provide input and guidance to key SAP Segregation of Duties (SoD) design decisions and configuration issues with particular emphasis on using "SAP Best Practices) Analysing business processes and technical analysis by mapping business requirements into more technical terms Configuration of the business defined SoD Matrix (Top 10 risks for Sales & Purchasing) Analysing the SoD reports by roles and users, showing top risks to the Business Handling and performing remediation workshops in order to either eliminate the risks or control it though mitigating controls Providing solutions to the Business with the less impact with regards to the existent organisation Ensure that support documentation files are updated so that adequate service levels can be maintained.

1 - Management achievementso Defining scope with the cliento Ensuring that all specified business needs are implemented as part of the SAP IDM & GRC PoC o Performing a SAP IDM 7.1 & GRC implementationo Developing different provisioning scenarios for applications and systems : => Windows AD => Windows Exchange (Mail server => Oracle (Database) => PeopleSoft (HR system) => Unixo Validating the IDM integration with SAP GRC Access Control 5.3o Providing a SOA (Service Oriented Architecture) enterprise solution for their applicationso Compliancy : Focusing on integrating full Segregation Of Duty (SoD) compliancy through a full SAP GRC Access Control integrationo Certifying that business and technical requirements have been correctly installed and configuredo Delivering a powerful and stabilized environment to demonstrate all the SAP IDM & GRC capabilities

SAP Identity Management & GRC Consultant: Developing a SAP IDM & GRC Business Case------ Management achievements ------o Performing a formal high level SAP GRC Solution presentation in front of the European Insurance Directors and SAP Competency Center departmento Presenting different SAP IDM & GRC scenarioso Offering and defining an implementation strategyo Providing an SOA (Service Oriented Architecture) enterprise roadmapo Focusing on defining the SAP IDM & GRC scopeo Defining the main target and business requirementso Ensuring that all specified business needs are addressed as part of the SAP IDM & GRC solutiono Certifying that business requirements have been properly captured and documented.o Writing down the SAP IDM & GRC technical design requirements

Achievements Role design & change management process Providing authorization recommendations and best practices for the Business Delivering delicate security solutions once required by the business Enhancing the documentation and technical procedures Helping and collaborating with the SAP security teamAnalyzing the client’s requirements and specific needs

My role involves to accelerate the SAP GRC Access Control implementation.o Analyzing the client’s requirements and specific compliance needso Collaborating with the Business Departments and planning the projects

My role involves marketing and sales support on GRC Access & Process Control Solutions with the Identity Management 7.0 / CRM Security projectso Analyzing the client’s requirements and specific compliance needso Collaborating with the Business Departments and planning the projectso Meeting with the clients and preparing functional workshopso Reviewing SoD matrixes and Security Controlso Analysing the Internal Control procedureso Improve Single Sign-On & Auto-Provisioning with the help of IDMo Defining the GRC roadmap for the customero Planifying the CRM projects & Blueprints o Starting the CRM audit, design and conception phaseso Implementing the GRC Access Control & Process Control solutionso Providing the GRC & CRM deliverables -> Performing an audit ( Authorisation and security audit on the SAP systems : ECC, R3, CRM, SRM, BW...) -> Supplying an action & communication plan (Change management procedure -> Authorisation implementation on ECC, BI, CRM, Portal(PCUI, ISA tool,ESS&MSS) : design and configuration -> Delivering & Approving the Business SoD matrix ( Internal Controls, Internal Auditors, ...) -> Configuring the GRC Solution (Compliance Calibrator, Access Enforcer, Role Expert, Fire-Fighter) -> Accomplishing a Gap Analysis ( organising and leading workshop with the functional teams and key users, ...) -> Defining the Identity database from the HR organisation -> Configuring the LDAP Connectors and Privileges -> Creating and scheduling the jobs -> Configuring the IDM Workflows & Test phases -> Pilot Validation ( defined scope as per client’s requirements , per sites or departments) -> Achieving the SoD analysing and remediation phase ( simple roles, composite roles, users, critical transactions, critical permissions, ...) -> Managing the Go-Live deployment

My role involves SoD compliance achievement (One Project)o Following the start of the so called “ONE” project (merging amid three large companies)o Cooperating with the Sponsors and Internal Controlso Launching the kick-off SAP GRC meetingso Study the integration between BI 7 new authorization concept and CRM 2007o Planning and designing the new SoD matrix and business processes.o Organizing and leading workshops with the stakeholderso Documenting the SoD processes and the analysing and remediation methodologyo Launching the role single and composite role changes prior to the user changeso Preparing the mitigating controls once the SoD arises and cannot be eliminatedo Training key actors (Functional and technical teams)

My role involved SoD compliance achievement (InGoal Project)o Organising and leading SoD meetings to examine the company’s security and SoD requirements, determining the targets and defining the responsibilities of each part of the businesso Configure the territory management to meet the requirementso Configure the CRM Web UI to address the functional accesseso Identifying the existing Business Processes and Job roleso Defining the job functions, transactions and SoX riskso Implementing the critical transactions and permissionso Running Risk Analysis and outlining an remediation action plan to get the system clean (SoD Free)o Cooperating with the either Business Process or System Owners in order to define the mitigating controls (compensating controls in order to reduce the potential remaining risks).o Training the stakeholders and security teams o Documenting the change management procedures and security forms

My role involves Financial SoX compliance accomplishments.o Arranging "Kickoff" meetings to examine the company needs and goalso Analysing of existing Segregation-of-Duties (SOD) data and security processeso Collaborating with the Business Process Owners and Internal Control divisionso Identifying risks and performing SAP security roles remediationo Documenting VIRSA procedures for futures releases

My role here included security team managemento Client liaison in charge of EMEAo Managing major security issues with the UK local support teamo Supervising a third-party support team based in Mumbai (India) o Assessing risk and audit approacho Documentation of systems and testing of controlso Liaising with project management teams in support of the Go-Live, mainly for ECC & HR.

o Implement the authorization company concept o Building of roles (master roles and derived), Testing and following of them,o Realization from first requirements, analysis, design, construction, tests and put in production for BWo Provide security guidance to the functional teams regarding SAP functional security i.e. finances, logistics, sales and distribution, etc.o Application of SOX regulationso Sarbanes-Oxley : applications of procedures and checking that procedures are respected notably segregation of dutieso Assist the security team in the information gathering of the functional security requirements, recommend best practice based on previous assignments o Defining the necessary user role roles in accordance with the security implementation methodology, standards and procedureso Co-ordinate and assist in the testing of roles with the functional teams

o Put in place all steps for authorization for all components o Converting Profiles to different types of Roles (Simple, Derived and composite)o Extract users from profiles and assign them to the new roles through a “BAPI”o Take advantage of the upgrade to optimise the security policyo General design, process map analysis, detailed design.o Writing of all security procedures and the policies.o Project authorization managemento Proposition of best practiceso BW authorization managemento Application of SOX orders and VIRSA tool usedo Evaluated Central User Administration functionality and feasibility

o Participation to the new projects and extensions, design the new roles as necessaryo Provide diagnosis and troubleshooting when an issue is raised, liaising with key userso Regularly check the situation by running needed control programs, checking logs, etco Maintain necessary documentationo Configured and Setup Transport Management System (TMS) on all the system Landscape. Daily administration of all SAP Instances and Application Servers . Performed transports as required and Managed all change request in the entire System Landscapeo Daily tasks includes maintaining and administering Oracle database 8.0.5.X using SAPDBA, Tablespace management and administration, Offline and Online backup strategy implementation and support. Performance tuning of all R/3 Instances , Oracle database and Operating system capacity planning for R/3 Instances .Performed memory management on Instances when necessary.o R/3 upgrade from 4.0b to 4.6b