Security and Compliance Software

Thomas made this Rhyddid Gwybodaeth request to Civil Nuclear Police Authority

This request has been closed to new correspondence from the public body. Contact us if you think it ought be re-opened.

Mae'r ymateb i'r cais hwn yn hwyr iawn. Yn ôl y gyfraith, ym mhob amgylchiad, dylai Civil Nuclear Police Authority fod wedi ymateb erbyn hyn. (manylion). Gallwch gwyno drwy yn gofyn am adolygiad mewnol.

Dear Civil Nuclear Police Authority,

Can you please confirm if you currently use or plan to use any of the
following software:

1. SAP Business Integrity Screening
2. SAP Access Control
3. SAP Process Control
4. SAP Audit Management
5. Identity Access Management
6. SAP GRC
7. SAP Risk Management
8. SAP Global Trade Services

In the event that you currently use any of the aforementioned software:

Do you have a support contract with an external provider for SAP Support?

If you employ any of the aforementioned software or have a support
contract what is the renewal date?

Where is your SAP infrastructure located and in what format?

When is the contract for third party support of your SAP infrastructure
due for renewal?

Do you manage SAP Security, SAP Role Authorisations and SAP Role Designs
internally or through an external provider?

If SAP Security, SAP Role Authorisations and SAP Role Designs is managed
through an external provider, what is the renewal date?

Which organisational department is responsible for managing overall SAP
Security, Role Authorisations and Role Design?

When is your next internal and external audit covering SAP roles and
access?

Where do you advertise any SAP related procurement opportunities?

Yours faithfully,

Thomas