SAP Blog

Enhancing the SAP GRC User Experience: Fiori Tiles in Access Control, Process Control and Risk Management

In this blog, we highlight how SAP Fiori improves the user experience around SAP GRC Access Control (AC), Process Control (PC) and Risk Management (RM). We also provide a list of available native Fiori apps for SAP GRC AC, PC and RM and share our experience on what to consider when designing the role concept for SAP Fiori.

How can SAP Fiori enhance the user experience?

In a rapidly changing world, the user experience (UX) plays a vital role in determining the success of a product or application. A high-quality UX becomes crucial for capturing and retaining business user attention, satisfaction, and engagement. The internet and mobile apps have demonstrated that a user interface can be self-explanatory, without the need for a user guide to understand how to navigate and enter data on a new website or in a new app.

SAP Fiori facilitates users in optimizing work processes through intuitive design and unparalleled flexibility, thereby fulfilling their user experience needs. With SAP Fiori, users can easily access SAP applications via a web browser. With support for all devices (desktop PC, laptop, tablet, smartphones), the interface is automatically adapted providing comfortable usage of the app on any device.

SAP Fiori follows four principles to ensure the best user experience:

  • Role-based: Provides users with the specific functionality needed to perform tasks in the SAP system.
  • Responsive: Supports all types of devices and allows optimized and flexible work through the adaptation of the interface.
  • Simple: Breaks down complex transactions into simple apps with minimal screens and clicks.
  • Coherent: Provides a common design for all apps.

There are compelling reasons to choose SAP Fiori over NetWeaver Business Client (NWBC), despite both being web-based user interfaces. First, SAP Fiori stands out as a more contemporary solution, offering a much better user experience. Secondly, it offers enhanced flexibility for end users, allowing users to effortlessly:

  • Select from a variety of appealing themes.
  • Personalize the landing page to add frequently used apps to perform daily tasks, similar to the Favorites functionality in the SAP GUI.
  • Efficiently search for available apps.

SAP consultants benefit from the change as well. SAP Fiori simplifies the design and maintenance of launchpads. There is no need for developer keys to create a custom launchpad and therefore, SAP security teams require less time and effort to create and maintain role-specific launchpads.

 Example of the NWBC Launchpad

Example of the Fiori Launchpad

Currently, most Fiori apps available for SAP GRC Access Control, SAP GRC Process Control and SAP GRC Risk Management are embedded Web Dynpro applications, which we know from NWBC. However, SAP developed a few native Fiori apps, which can be good add-ons to end users launchpads. The list of these apps and all details on how to configure them at

The complete list of Fiori native apps for SAP GRC PC and RM can be found below:


Transactional Apps:

·       Test Control Effectiveness

·       Monitor Issue Status

·       Monitor Control Status

·       Complete Sign-Off

·       Manage Risk Assessments

·       Manage Risks

·       Manage Enterprise Activities

·       Manage Responses

·       Manage Validation of Risks

·       Manage Validation of Activities and Risks

Analytical Apps:

·       My Compliance Tasks

·       Risk Manager Dashboard


The complete list of Fiori native apps for SAP GRC AC can be found below:


Transactional Apps:

·       Access Approver

·       Check Request Status

·       Compliance Approver

·       Request Access

·       Request Access for Others

Analytical Apps:

·       Access Request Overview

·       Emergency Access Management Overview

·       Role Management Overview

·       Access Control Dashboard Overview


To gain a better understanding about the functionality provided by the native Fiori apps for process control and risk management, let’s take a closer look at two of the above-mentioned apps:

My Compliance Tasks provides a clear overall picture of the status of a user’s current work items. The user can review key metrics and filter the results to focus on their priorities.

Test Control Effectiveness is designed to perform, review and document the evaluation of controls. The app displays all the control tests assigned to a user, with details of the required test steps, the relevant control and other test-related information. It is also possible to upload relevant documentation and record the results.

The adaptive user interface ensures comfortable usage on all devices when carrying out the assessment.

SAP Fiori enhances the user experience for SAP GRC Access Control, Process Control and Risk Management end users by providing an intuitive interface with the possibility of adding frequently used applications to their home page, easily changing the theme and providing the ability to perform an application search, which is not supported by NWBC. Switching to Fiori not only benefits end users but also provides advantages to SAP security consultants. The change to SAP Fiori simplifies the design and maintenance of role-specific launchpads, benefiting both end users and SAP security consultants alike. This modernized experience delivers efficiency and increases the success of user adoption.

To learn more about our SAP consulting servicescontact us.










Marco Geisenberger

Technology Consulting

Steve Toshkoff

Technology Consulting – Business Application Solutions

Julia Ostroushko

Senior Manager
Technology Consulting - Business Application Solutions