[

SAP NetWeaver Identity Management Experiences from an Implementation at Colgate-Palmolive Company

Sarah Henriquez Senior Manager IT Risk Management, Colgate-Palmolive Kristian Lehment Product Manager IDM & Security, SAP AG
Real Experience. Real Advantage.

[ Agenda
Evolution at SAP towards the Solution Compliant Identity Management and Single Sign-On

Introduction The Functionality Delivered with SAP NetWeaver Identity Management

The COLGATE-PALMOLIVE Company
Facts & Figures

Implementation at COLGATE-PALMOLIVE Company Learning Points Business Challenges Benefits Plans Going Forward

Real Experience. Real Advantage.

[ Compliant Identity Management and Single Sign-On

Compliant Identity Management and Single Sign-On

Compliance and Governance

Authentication and Single Sign-On

Identity Management

SAP Access Control

SAP NetWeaver Single Sign-On

SAP NetWeaver Identity Management

SAP offers a complete suite of compliance, governance, identity management, and single sign-on solutions

Real Experience. Real Advantage.

[ The Identity Lifecycle

How long does it take for new employees to receive all permissions and become productive in their new job?

How can you remove permissions automatically if employees change their position?

Are permissions automatically adjusted if someone is promoted to a new position?

How long does it take to remove ALL permissions of an employee? And how can you ensure that they were properly removed?

Who has adequate permissions to fill in for a co-worker?

Real Experience. Real Advantage.

[ SAP NetWeaver Identity Management Functionalities

Holistic Approach
SAP HCM e.g. on-boarding SAP Business Suite Integration Compliance checks SAP Access Control Identity virtualization and identity as service

Approval workflows

SAP NetWeaver SAP NetWeaver Identity Identity Management Management

Central Identity Store

Reporting

Password management

SAP applications
Rule-based assignment of business roles

Non-SAP applications
Web-based Single Sign-On and Identity Federation

Provisioning to SAP and non-SAP systems

Real Experience. Real Advantage.

[ History of Compliant Identity Management

and Single Sign-On
October 31, 2011of SAP NetWeaver Identity Management 7.2 General availability 09, 2011 August availability of SAP Governance, Risk, and Compliance General
Solutions, Release 10.0 2011 June 14,availability of SAP NetWeaver Single Sign-On 1.0 General January 12, 2011 security products and assets from SECUDE SAP acquires software 2009 June 16,availability of SAP NetWeaver Identity Management 7.1 General 2007 June 15,availability of SAP NetWeaver Identity Management 7.0 General 14, 2007 Mayextends identity management capabilities in SAP NetWeaver SAP with acquisition of MaXware

April 03, 2006 leadership in compliance solutions with acquisition of Virsa SAP strengthens

SAP Access Control SAP NetWeaver Identity Management SAP NetWeaver Single Sign-On

Real Experience. Real Advantage.

[ SAP offers Rapid Deployment Solution

to meet specific business needs
Software
Quickly address the most urgent business processes

Content
SAP best practices, templates and tools make solution adoption easier
Software Service Content Enablement

Enablement
Guides and educational material speed end user adoption

Service
Fixed scope and price provides maximum predictability and lowers risk

Real Experience. Real Advantage.

[ which allow predictability, out-of-the-box integration

and adoption choices as business demands
Predictability
Fast value in days/weeks Fixed cost and fixed best practice scope

Integration
Integrated start and growth options Immediate and future IT and business processes landscape integrity

Choice
Modular packages to meet specific business needs and allow individual adoption paths Flexible licensing and deployment options

Real Experience. Real Advantage.

[ Predictability: Solution adoption made simple

Predictability

Implementations in a matter of days/weeks Clear pricing, scope, timelines and outcomes Proven best-practices from an extensive customer and qualified partner ecosystem
Real Experience. Real Advantage.

[ Agenda
The COLGATE-PALMOLIVE Company - Facts & Figures Implementation at COLGATE-PALMOLIVE Company Learning Points Business Challenges Benefits Plans Going Forward

Real Experience. Real Advantage.

10

$16.7 + Billion in Sales

Products Sold in 200 Countries & Territories

Sales by Division
Pet

39,200 Colgate People

13% Greater Asia/Africa 20%

North America 18% Latin America

Europe/South Pacific 21%

28%

ORAL CARE

PERSONAL CARE

HOME CARE

PET NUTRITION

[ Learning Points
Pre-implementation insights that were important for the project: SAP NetWeaver Identity Management is a framework and it is highly customizable Understand the current business processes in use at Colgate-Palmolive Company

Real Experience. Real Advantage.

13

[ Overview of Identity Management at Colgate

Colgate uses the application to centralize and synchronize user accounts for E-mail, SAP user IDs and Network access (MS-Active Directory) Standardize identities using Human Capital Management (HCM) global personnel number as a unique identifier

User accounts mapped to the global personnel number

Automatically creates and terminates accounts based on HCM action types

Real Experience. Real Advantage.

14

[ Business Challenges
Addresses current business challenges: Users need accounts in multiple applications Multiple organizations support account creation / termination

Manual process requiring complex reconciliation

Decentralized account administration processes for different applications

Real Experience. Real Advantage.

15

[ Benefits
One single source of truth

Automates creation of user accounts

Automates compliance and timeliness of terminations Improves employee experience

Real Experience. Real Advantage.

16

[ Best Practices
Automation of manual process

Global centralized process

Real Experience. Real Advantage.

17

[ HCM Integration with IdM

HR to enter data for employees

HR
1

Identity Management
2
RFC

Create employee record

Receive HR Data

Update employee record with SAP Id + Email (Infotype 105)

3
Web Service

Calculate SAP Id and Email address

Real Experience. Real Advantage.

18 of 22

[ Lessons Learned: HCM Integration with IDM

Data entered in the global HCM system The timeliness of the data entered Understand the data needed Use of employee information for account creation Accuracy of user address information

Real Experience. Real Advantage.

19

[ Where are We Now?

Jun 2010 Jul 2010 Aug 2010 Sep 2010 Oct 2010 Nov 2010 Dec 2010 Jan 2011 Feb 2011 Mar 2011 Apr 2011 May 2011 Jun 2011 Jul 2011 Aug 2011 Sep 2011 Oct 2011 Nov 2011

Email account v 7.1

SAP User Id Account v 7.1

Network account automation v 7.1

Real Experience. Real Advantage.

20

[ Identity Management Account Automation

HR to enter data for employees

HR
Create employee record

Identity Management
Create user account

Network account
Provision Active Directory account
Real Experience. Real Advantage.

Email
Provision Lotus Notes account

SAP CUA
New SAP User Id
Role provisioning to target systems
21

[ Long Term Strategy

Single Sign-On Self-service Integrate GRC Migrate CUA managed systems to IdM Upgrade 7.2
Password resets Lock/unlock

Fully automate creation/termination

SAP, Email, Network Id

Real Experience. Real Advantage.

22

[ Plans Going Forward

Increase scope on IDM to manage all employees

Upgrade SAP NetWeaver Identity Management to version 7.2 Integrate Governance, Risk, and Compliance (GRC) process (SAP Access Control)
Automate role assignments were possible Implement SAP NetWeaver Single Sign-On
Real Experience. Real Advantage.
23

[ Key Lessons Learned

Alignment with HR is key

Change Management
Understand changes and impact to current business processes
What is changing What is centralized

Understand the data coming from HCM into IDM Identify key technical and business process expertise Communication is key
Real Experience. Real Advantage.
24

Thank you for participating.

Please remember to complete and return your evaluation form following this session. For ongoing education on this area of focus, visit the Year-Round Community page at www.asug.com/yrc

]
25

SESSION CODE:

1004

Real Experience. Real Advantage.