Deepika Kikani

a) Client: External (Demo for Sales, Internal Turnkey)

• Designed and implemented end-to-end security architecture for SAP BTP applications for DMC, ensuring compliance with enterprise security standards.
• Conducted security assessments, risk analysis, and vulnerability reviews for BTP-based solutions.
• Participated in client-facing workshops during the design and initial project phases to define security requirements.
• Created user to role level matrix.
• Created role collections using standard role templates.
• Mapped user group to role collections.

b) Client: Endeavour Energy (Jan 2025 – Sep 2025)

• Role Remediation Project.
• Created new roles.
• Set up FIORI Catalog, Space, and Pages for the application.
• Perform SIT with the Business Functional Team.
• Provided after Go-Live support.

c) Client: Bedrock.

• Designing and managing SAP security solutions, including user roles, authorizations, and system security.
• Extensive experience in implementing and managing SAP Security, SAP GRC Access Control, SAP GRC, and SailPoint ARM solutions.
• Specialized in configuring and managing access risk management, emergency access workflows, and user lifecycle processes for compliance in SailPoint ARM.
• Demonstrated expertise in designing and implementing SAP security strategies and controls to ensure the confidentiality, integrity, and availability of SAP systems and data.

d) Client: Aubert & Duval (March 2025 – January 2026)

• Green Field Implementation – SAP GRC Process Control in EN and FR languages.
• Lead the project as SAP GRC Solution Architect.
• Performed due diligence of their existing solution.
• Provided a high-level design demonstration in the SAP GRC PC solution and its integration with SAP GRC RM and Access Control.
• Implemented the Test of Effectiveness workflow online and offline.
• Performed unit testing, UAT, and cut-over activities, along with the go-live of the project.
• Support after go-live.
• Customized a few reports to have additional columns.
• Created over 300 controls in the SAP GRC PC System (TOE).
• Plan to implement CCM control in progress for future scope.

e) Client: Zuellig Pharma.

Project 1: SAP Security (June 2024 – December 2024)

• Working on SAP Security Role Remediation Tickets.

f) Client: Capgemini.

Project 1: Risk Management and Audit Management POC (July 2024 – October 2024)

Project Contribution:

• Provided design walk-through, demo, UAT, and training to the business on SAP RM and AM.
• Lead the SAP GRC project implementation end-to-end with the business.
• Risk management process understanding and data objects linkage in GRC RM 12.
• SPRO - IMG configuration settings for SAP GRC, Risk Management, and Audit Management.
• Defining roles for different users, as well as customized roles, as per the organization hierarchy.
• Detailed configuration settings for role mapping, role management, workflows, risk assessment, collaborative risk assessment, risk validation, and planner tasks.
• Create or upload a risk catalogue and risk register.
• Defining risk drivers and consequences.
• Implemented risk analysis methods, viz. Scoring.
• Risk responses are created as responses and controls for risk.
• Provided configuration and process documents for unit test scripts for RM and AM.
• Resolving authorization issues related to risk proposals, risk assessment triggering, performing risk assessments, and validations.
• Audit management process understanding and data objects linkage in GRC ACS 1.5.
• Defining and customizing roles for different users as per the organization hierarchy based on FIORI spaces and pages.
• Mapping of application roles to the PFCG roles.
• Mapping OData services is needed by different users to perform different activities.
• Detailed configuration settings for role mapping, role management, and workflows.
• Customizing the workflow as per client requirements in audit management.
• Setting multiple approval levels for the Announcement letter, Work Program, Draft Audit Report, and Final Audit Report.

g) Client: BOAD.

Project 1: Risk Management and Audit Management Implementation and Support (Aug '23 – Dec '23)

Project Contribution:

• Risk management process understanding and data objects linkage in GRC RM 12.
• Experience with IMG configuration settings for SAP GRC Risk Management.
• Defining roles for different users, as well as customized roles, as per the organization hierarchy.
• Detailed configuration settings for role mapping, role management, workflows, risk assessment, risk validation, and planner tasks.
• Client copies activities from 000 after the plugin is installed.
• Create or upload a risk catalogue and risk register.
• Defining risk drivers and consequences.
• Implemented risk analysis methods, viz. Quantitative or qualitative.
• Risk responses are created as responses and controls for risk.
• Provided configuration and process documents for unit test scripts for RM and AM.
• Resolving authorization issues related to risk proposals, risk assessment triggering, performing risk assessments, and validations.
• Audit management process understanding and data objects linkage in GRC ACS 1.5.
• Experience with IMG configuration settings for SAP Audit Management.
• Defining and customizing roles for different users as per the organization hierarchy based on FIORI Spaces and Pages.
• Mapping of application roles to the PFCG roles.
• Mapping OData services needed by different users to perform different activities.
• Detailed configuration settings for role mapping, role management, and workflows.
• Customizing the workflow as per client requirements in audit management.
• Setting multiple approval levels for the Announcement letter, Work Program, Draft Audit Report, and Final Audit Report.

h) Client: HARRODS

Project 1: SAP GRC Security Risk Remediation (Nov 2022 – Sep 2023)

Project Contribution:

• Redesign of Old Roles to New Roles.
• Perform risk remediation activities with the business.
• Provide hyper-care support.

i) Client: Touchlight.

Project 1: SAP FIORI Role Design (July 2022 – November 2022)

Project Contribution:

• Create a New Catalog and Groups.
• Map the catalog and group to the new PFCG role.

• Traveled to the client location - Department of Labour, South Africa office to understand their existing governance process and document the due diligence. Along with that, we provided a demo on SAP GRC Access Control, Process Control, Risk Management, and Audit Management across the departments, and also explained the SAP Security framework to functional and non-functional teams.
• Prepared a blueprint and shared the architecture design of multiple SAP landscape integrations using non-SAP and SAP applications.
• Implemented and configured end-to-end 3 LODs (SAP GRC PC, RM, and Audit Management) through the SOLMAN system, prepared unit test scripts, user acceptance testing documentation, provided training to end users, and recorded sessions for future reference.
• Achieved critical customization and enhancement within SAP GRC and ACS modules to meet the client's requirements by working closely with UI5 and ABAP developers.
• Prepared project plans, driving multiple meetings, and closely monitoring team activity to align with the deadlines.
• Implemented SAP FIORI Security (Custom Catalog, Groups), which is known as the Common Registration Portal for Members of South Africa.
• Completed SAP GRC Access Control Certification.

• Managed Team of 4 people.
• Implemented SAP GRC Access Control and Process Control along with prepared SAP Security Role Matrix.
• Received Recognition@Deloitte award.

• Worked on SAP GRC Access Control and Security along with Support activities.

• Worked closely with seniors and team members to prepare Business Blueprint Doc. (BPP) on SAP GRC Access Control and configured end-to-end system for Client Demo.
• Worked on SAP Cloud Analytics/Digital Boardroom for Client.

• Implemented SAP GRC Access Control - ARA, ARM, BRM and EAM for Business.
• Working on SAP Security upgrade internal project.
• Worked closely with Seniors and team members, to implement SAP GRC Risk Management Solution for Client.
• Led team activities every Friday, Team Lunch and Outings to encourage and meet different team members.
• Provided Training and shared my knowledge on SAP GRC Access Control across the globe BOSCH Security Team.

• Worked on multiple SAP and Non-SAP Security Projects.
• Supported SAP GRC Access Control and Security related tickets to resolve User and Role authorization issues.
• Got certified in IAM.
• Received Customer Delight award and multiple email appreciation from business and internal team.