Download whitepaper: Between flying blind and personal liability
Why SAP security under NIS2 and DORA is now a top priority
SAP systems control central business processes: from finance and human resources to purchasing and production. At the same time, security-relevant activities in the SAP environment remain incompletely visible in many companies.
With NIS2, BSIG and DORA, the requirements for companies to manage cyber risks in a structured manner, implement security measures in a comprehensible manner and recognise incidents in a reliable manner are increasing. As a result, the responsibility of management is also becoming more prominent.
This white paper helps you to better categorise risks, responsibilities and technical fields of action in the SAP context in a compact, understandable and practical way.
- Better understand risks in SAP systems
- Categorise relevance for management and governance
- Recognise monitoring and logging gaps
- Derive measures for the next 12 months
Why this white paper is relevant now
Many companies still view SAP security primarily as a specialised technical issue. This is precisely what is increasingly becoming a risk.
Because where there is a lack of transparency about critical activities, security-relevant events cannot be clearly traced and SAP systems are only incompletely integrated into security processes, it is not only operational risks that arise. The requirements for control, supervision and verifiability are also growing.
NIS2, BSIG and DORA are therefore increasing the pressure to anchor SAP security in a more structured way, not only in IT but also at management level.
Who the white paper is intended for
The white paper is aimed at specialists and managers who are responsible for SAP security, governance, compliance and IT risks, in particular
Managing directors
CISOs and IT security managers
SAP Basis and SAP security teams
IT managers and security architects
Questions answered by the white paper
- Why is SAP security increasingly becoming a management responsibility?
- What role do NIS2, BSIG and DORA play in the SAP context?
- Which risks in SAP systems are often underestimated?
- How can security-relevant activities in SAP systems be better tracked?
- What are the ten minimum measures according to § 30 BSIG and how do I implement them in the SAP system?
- What significance does the SAP Security Audit Log have for monitoring and verifiability?
- Which measures should companies prioritise now?
Strengthen SAP governance now
With NIS2 and DORA, SAP security is becoming a management task. If you want to implement regulatory requirements efficiently, you need clear priorities and a robust strategy.
We will show you how to translate the recommendations from the white paper into concrete measures for your SAP landscape.
Use our expert call for an initial technical categorisation and a clear view of the next steps.