SAP Information Lifecycle Management


Winterhawk recently asked SAP’s Dr. Neil Patrick, Director, GRC & Security CoE, Digital Core & Industry Solutions for EMEA South, for his views on SAP’s Information Lifecycle Management (SAP ILM). We posed the question:

Regulations, managing and enforcing retention policies, archiving, preventing data deletion, dealing with legacy data – its never easy for an organisation, and it seems like its getting harder and harder. How does SAP ILM solve the problem Neil?

Neil’s reply:

The short answer is if you need to manage migration of data as part of your digital transformation journey, graceful and safe deletion of SAP data, or setting and managing retention periods – Information Lifecycle Management is the only tool.


Why SAP Information Lifecycle Management?

Many organisations are now setting themselves a goal to design and implement a sustainable, consistent and effective process and governance model to support Identity Lifecycle Management (ILM).

Features of SAP Information Lifecycle Management

  • Lower Risk and provide awareness of Risk position
  • Enhance system security
  • Increase compliance through automation and controls standardisation
  • Bring organisational efficiency gains through centralisation of processes and automation
  • Drive improved and more efficient processes (cost save, cost avoidance)
  • Increase user satisfaction (faster, easier, self-service, mobility)
  • Enhance transparency

What are the drivers?

  • Changing regulation: a robust ILM target operating model supports GDPR and other regulatory requirements by establishing processes and rolling out systems that protect access to critical data.
  • Evolving threat landscape: a sound ILM process reduces threats of cyberattacks by protecting and monitoring accesses to critical systems.
  • Increasing Digitalisation: supports an organisation’s digitalisation strategy by providing  automated processes and controls and cloud solutions.
  • Organisational convergence: Support transformation and ensure they benefit from robust processes and technology.

What are the challenges our clients typically face?

  • Inconsistent approach to access management across systems/ applications, often managed locally.
  • Lack of corporate central governance.
  • Primarily manual controls and with identified limitations.
  • Joiners/Movers/Leavers Process lacking definition and ownership, especially around access management for Contractors.
  • Inconsistent user ID creation: multiple user IDs for one user.
  • No consistent approach to identify business critical applications through a pre-defined risk assessment.

Winterhawk’s 10 Building Blocks to successful Information & Risk Governance

These 10 core Building Blocks underpin an organisation’s Risk Management. When they operate effectively they work as enablers for enhanced compliance, improved speed and agility, provide greater user empowerment, and promote both awareness and ownership of Risk.


Get in touch

If you are needing help to implement SAP Information Lifecycle Management, drop us a line, we’d be delighted to talk to you.