GRCNXT
Ensure adherence with Automated User Access & SoD Reviews
Enable faster, more reliable compliance with automated authorization and SoD governance
Manual User Access and SoD reviews are slow, error-prone, and audit-heavy. ReviewNow eliminates review fatigue by automating up to 99% of User Access and Segregation of Duties (SoD) reviews in SAP, giving approvers clear risk insights and defensible decisions—every cycle.
Achieve
99% Automation
with ReviewNow
Manual reviews consume time, overwhelm reviewers, and increase audit risk. ReviewNow automates up to 99% of access review activities, enabling faster decisions, reduced effort, and continuous audit readiness.
User Access Review
Gain clear visibility into SAP user access and usage. ReviewNow supports risk-based decisions, reduces excessive privileges, and ensures compliance with internal controls.
SoD Review
Identify Segregation of Duties conflicts early. ReviewNow delivers contextual risk insights to strengthen governance and reduce audit findings, regulatory risk, and business disruption.
Sensitive Access Review
Protect critical SAP privileges with focused, risk-driven reviews. ReviewNow prioritizes sensitive access, analyzes real usage, and minimizes misuse and compliance risk.
Audit
Ready
Stay audit-ready at all times. ReviewNow maintains complete audit trails, review evidence, and decision history, reducing audit preparation effort by over 50%.
Automate SAP
Access Governance
One Platform for SAP Access, SoD, and Risk Reviews
Why ReviewNow?
99% Activities Automated
ReviewNow automates 99% of manual review activities, reducing effort across data extraction, submission, documentation, and retention while ensuring secure, end-to-end traceability.
Paperless
Reviews
ReviewNow enables fully paperless user reviews, managing the complete lifecycle from request to closure with instant access to review data, reports, and audit outputs.
Audit
Ready
ReviewNow ensures continuous audit readiness by unifying initiation, review, and reporting, with automated audit logs that reduce errors and deliver compliant documentation.
User-Friendly Workflows
ReviewNow provides intuitive workflows with multi-level approvals, flexible user or group mapping, and automated routing for accurate, adaptable review processes.
Features of Verity
Risk Monitoring
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Risk Identification
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Risk Management
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
SAP Access Review Automation – FAQs
Questions you might have about our solution
Still have questions?
Can’t find the answer you’re looking for? Please contact our SMEs.
Is ReviewNow an ABAP based application?
Yes. ReviewNow is an ABAP based application which can be installed centrally and manage additional systems/clients.
Does ReviewNow support S/4 HANA system?
Yes. ReviewNow can be implemented on ECC or S/4 HANA system (both on-premise and S/4 HANA cloud), and Rise with SAP (Private) cloud systems.
What kind of reviews can be performed using ReviewNow solution?
Currently ReviewNow supports Full user review (review for all the users in a system), Review by user group/custom group, and Sensitive Access Review. However, ReviewNow for GRC will bring additional reviews such as Mitigation Control Review, Access Owner Review and so on.
What kind of data is available for the reviewer for making a decision?
Every assigned request will contain comprehensive information enabling the reviewer to make well-informed decisions. This information encompasses roles, assigned transaction codes, actual usage of transaction codes, and the frequency of their utilization by the user. Furthermore, an array of reports is accessible to reviewers, enhancing their decision-making capabilities during the review process.
Can Reviews be automated?
Certainly! Periodic reviews can be easily scheduled utilizing a range of scheduling options available. ReviewNow accommodates both one-time and periodic reviews, offering flexibility in managing and executing review processes as needed.
How the User-Reviewer mapping can be maintained?
The ReviewNow solution offers an interface specifically designed for managing User-to-Reviewer mapping. Presently, the solution accommodates up to three levels of reviewers. Moreover, it allows the assignment of a reviewer group at particular stages. This system provides straightforward and user-friendly mapping options for ease of use.
Can we assign a reviewer to user group?
Indeed, the Reviewer mapping functionality allows for the assignment to either an individual user, an SAP user group, or a custom group, providing flexibility in configuring review assignments based on specific criteria.
Can we directly remove a tcode from the user during the review process in ReviewNow?
It is not feasible to remove an individual transaction code during the review process for the following reasons:
1. Role assigned to multiple users: If the same role is assigned to multiple users, removing a specific transaction code from the role for one user will result in the removal of that transaction code for all other users assigned to that role, potentially impacting users who require access to that transaction.
2. Change Management Process: Per the change management process, the removal of a transaction code should follow a specific process, involving removal in the development system, testing in quality assurance, and subsequently implementing the change in the production environment. As reviews are conducted directly in the production system, removing transaction codes directly during reviews conflicts with this established change management process and is therefore not recommended.
Can new roles be assigned during the review process?
No! ReviewNow solely facilitates the review of current role assignments and provides options to either retain or remove roles.
SAP User Access Review - FAQs
Questions you might have about our solution
Still have questions?
Can’t find the answer you’re looking for? Please contact our SMEs.
ReviewNow is an SAP access governance solution by ToggleNow that automates User Access Reviews, Segregation of Duties (SoD) reviews, and Sensitive Access reviews. It replaces manual review activities with intelligent workflows, usage-based insights, and automated approvals.
Yes. ReviewNow is an ABAP-based application designed specifically for SAP environments. It integrates natively with SAP ECC and S/4HANA systems, ensuring secure access to authorization data without relying on external connectors.
Yes. ReviewNow supports SAP S/4HANA on Cloud (Rise with SAP). It is designed to work across hybrid SAP landscapes, enabling centralized access reviews and consistent governance.
Yes. ReviewNow can be installed centrally and configured to manage multiple SAP systems and clients, allowing enterprises to run unified review campaigns.
ReviewNow simplifies User Access Reviews by automating reviewer assignments, consolidating access data, and presenting clear insights into roles, authorizations, and actual usage.
Yes. ReviewNow supports fully automated periodic User Access Reviews, including quarterly, half-yearly, or annual campaigns.
ReviewNow provides reviewers with user details, assigned roles, authorization objects, risk indicators, and actual SAP usage data.
Yes. ReviewNow provides transaction code–level and Fiori app–level usage insights. Reviewers can see whether access is actively used, rarely used, or unused.
ReviewNow supports SoD reviews by identifying conflicting role combinations and presenting them with contextual risk insights.
No. ReviewNow is not a SoD Analysis solution, rather it’s a SoD Review automation. It requires risk data to be uploaded either from SAP GRC or other third-party SoD solutions.
Sensitive and critical SAP authorizations must be maintained in the application based on business/IT inputs. It then highlights high-risk access and analyzes usage behaviour.
Yes. ReviewNow uses risk indicators and usage intelligence to prioritize high-risk users, roles, and authorizations.
Yes. ReviewNow analyzes real SAP usage at the transaction and Fiori app level to validate whether sensitive access is genuinely required.
ReviewNow can automate up to 99% of SAP access review activities, including reviewer assignment, access analysis, reminders, escalations, and audit documentation.
Yes. ReviewNow supports flexible reviewer assignment based on manager hierarchy, role ownership, department, cost center, or business unit.
Yes. ReviewNow supports both manager-based and role-owner-based review models, as well as custom assignments.
ReviewNow supports ISMS compliance by enforcing structured access reviews, maintaining complete audit trails, and ensuring traceability of approvals.
Yes. ReviewNow supports SOX compliance by automating access and SoD reviews, enforcing segregation controls, and maintaining documented evidence.
Yes. ReviewNow automatically captures review decisions, justifications, timestamps, reviewer details, and access changes.
ReviewNow maintains continuous audit readiness by keeping review evidence, access decisions, and compliance documentation up to date.
Yes. Based on configuration, ReviewNow allows controlled removal of SAP roles or authorizations directly from review decisions.
ReviewNow records every access decision and change with full context, including reviewer identity, justification, timestamps, and affected access.
Absolutely! ReviewNow can be integrated to SAP GRC ARM or ServiceNow and can raise requests directly in these applications after a successful review.
S/4HANA Trusted Authorization Review (STAR) is SAP’s recommended approach for validating user authorizations in S/4HANA by correlating assigned access with actual system usage. ReviewNow applies STAR principles by analyzing user authorizations together with real transaction code data.
No. STAR (S/4HANA Trusted Authorization Review) is not a proprietary framework. It is an SAP-recommended approach documented in SAP Note 3113382. ReviewNow aligns with this note by applying STAR principles to automate analysis.