Likelihood to Recommend Pentana is great for monitoring PIs and risks. We find it less helpful for monitoring projects (with the Actions module); it isn't quite flexible enough for our needs, though the support team have been very helpful in adding custom fields for us.
Read full review Appropriate for SAP hrs hierarchy integration and can have multiple hierarchies of org structures adopted as alternative workflow support. Cons of access control are the logs of firefighter usage are still limited in depth and does not evolve to adop more cloud products which are coming at a plaster pace than the ac product as such.
Read full review Pros Pentana is excellent for monitoring, recording and reporting on PIs. Very easy to use the PI module. Pentana is excellent for monitoring risks at various levels (service, strategic etc.). Risks are displayed very clearly in a tree structure and the module is relatively easy to use. Read full review SAP Access Control ensures that our services are accessed by the right users since it send me alerts when an employee tries to access any application. That way, I am able to either authorize or cancel the request to safeguard of company data. With SAP Access Control, it is easy to automate and monitor how our team access services and applications. SAP Access Control has an automatic feature that notifies me when employees access applications and services and the issues they are encountering. In addition, SAP Access Control add security on employees login to ensure that their data on the applications are encrypted to never leak to cyber attackers. Read full review Cons Pentana could improve the free Documents module that comes with Pentana Risk. At the moment documents have to be linked to an action in order to display query results (such as how many documents are due for review) - this can be confusing for users who don't understand why there is an action linked. There is also no easy way for users to see the documents that are assigned to them. We would like to use the Actions module fully in order to monitor our corporate projects, but it a bit confusing for users and not very flexible when a project doesn't mirror Pentana's way of monitoring actions. Read full review It still uses the webdynpro for the front end. All webdynpro applications should be migrated to Fiori for a better user experience. Some functionalities can't manage in mass way. I.E. building derive roles/multiple single roles, Interface with LDAP is not efficient. Read full review Likelihood to Renew We are very happy with it.
Read full review Usability Some modules are more user-friendly than others. It's sometimes not obvious where to click to update the fields (or even that field titles can be clicked on). We have written 'Howdys' to help users. There can also seem to be a lot of steps/clicks to updating risks and actions. The Reports module on Pentana classic is certainly not user-friendly, particularly the Report Layout and Charts modules - we were told these would be integrated into the web version but this hasn't happened yet.
Read full review This is a great tool for a medium to large sized company. SAP Access Control requires a great deal of SAP knowledge to use, but it is certainly information that can be learned. Their customer support is wonderful and easy to work with. The overall usability is great. I greatly recommend this software.
Read full review Support Rating The support team are excellent and always answer queries promptly. They are very helpful.
Read full review This product fulfills all our requirements. We can use this for user management, role management, risk analysis, business role management, workflow management. Initial configuration takes a lot of effort. Otherwise it's a great product for the end user. SAP Access Control tool performance needs improvement, sometimes it slows down the processing time for requests.
Read full review Alternatives Considered We selected Pentana because our neighbouring authorities are users and had spoken highly of the product and given us demonstrations; some of our staff were also familiar with Pentana when it was called Covalent. It seemed to be the best product on the market for monitoring risks, PIs and projects.
Read full review Pricing was higher for the cloud version of the BTP service - IAG. SAP Access Control pretty much facilitates everything we are looking for as an enterprise with an efficient dollar cost ROI for the services we are looking for. Also, there were many features on the cloud version which came bundled with the license and we had to pay for them even though we did not actually use these products.
Read full review Return on Investment Pentana Risk has allowed my team to focus on other areas of work whereas before we would be manually chasing for updates on PIs and risk. Pentana Risk does the chasing for us! We are able to produce reports for audit purposes very easily, rather than sending spreadsheets which is what we used to do. New managers can easily inherit risks, projects and PIs and see all of this on a custom portal, saving them time when they start. Read full review Reducing risk of fraud. Implementing SAP Access Control allows analysis of every role assigned to a job on the organization. Through this analysis, weakness on roles are detected, corrected and monitored. As the users feel the change, they also feel that they are being monitored, preventing any intent to use his position and privileges to take personal advantage. So a major impact to organizations is to reduce the financial lost due to frauds. Reducing cost for monitoring. Another positive impact is lowering the cost of monitoring. This is twofold: First, a rather small team can manage access management. Second, through the use of SAP Access Control the complete universe of roles and users can be monitored without increasing the cost for the continuous monitoring. During transactions. The use of SAP Access Controls allows detection of transactions that, from an information security point of view, require some redesign. When SAP GCR is implemented, you make some discoveries such as: obsolete transactions, transactions with no authorization objects and the like. The transactions with these problems can be left out of the active roles, waiting for remediation of the issues found. Luis Cruz Director de Gestión y Auditoría de TI
Read full review ScreenShots