GRC Builder ARM (Access Risk Management)
by Porttus
Cloud-based identity governance with Entra ID integration, SoD risk control, and compliance
The GRC Builder ARM solution, developed by Porttus, is a powerful cloud-based platform for managing access and risk in both SAP and non-SAP environments. It supports both single-tenant and multi-tenant architectures, and can also be deployed on-premises for organizations that require full control over the solution.
Designed by GRC and Security experts with deep knowledge of SAP’s authorization architecture, GRC Builder stands out as a highly effective alternative to SAP GRC Access Control and SAP Identity Access Governance (IAG) — offering superior cost-effectiveness and a modern, user-friendly interface that enhances the overall user experience.
WITH A COMPREHENSIVE SET OF FEATURES, GRC BUILDER DELIVERS:
- Real-time Segregation of Duties (SoD) risk analysis.
- Risk simulation before access is granted.
- Emergency access management with full workflows and audit trails.
- Access impact analysis to evaluate permissions and associated risks prior to approval.
- Automated access review and recertification processes.
- Customizable SoD rule management, adaptable to various organizational structures.
- Out-of-the-box Risk Matrices for multiple ERP systems: SAP ECC, SAP S/4HANA, SAP SuccessFactors, TOTVS, Oracle, and more.
- Pre-built compensating control templates.
- Executive dashboards for continuous risk and access monitoring.
- Configurable workflows for access request approvals and tracking (Access Governance).
- A Deciding Factor feature, offering a gamified visual tool to illustrate risk violations vs. broken rules.
GRC Builder helps organizations comply with the Sarbanes-Oxley Act (SOX) and implement COSO framework best practices, especially in internal controls related to access governance and continuous monitoring of SoD risks — ensuring end-to-end governance and audit readiness.
Whether deployed in the cloud or on-premises, GRC Builder provides unmatched flexibility, control, and user experience. It empowers business and audit teams with autonomy and real-time visibility over access and risks across SAP and non-SAP systems, making it the ideal solution for companies seeking compliance, efficiency, and governance with reduced complexity and cost.
GRC Builder features native integration with Microsoft Entra ID, enabling the implementation of a full Identity Governance and Administration (IGA) process, where the identity lifecycle runs in parallel with Segregation of Duties (SoD) risk monitoring. Additionally, Porttus has developed a customized interface for Microsoft Entra approvers, ensuring a consistent look and feel when approving both identity requests and SoD risk validations.
AVAILABLE PLANS:
SHARED (Multi‑Tenant SaaS)
- Shared cloud application.
- Porttus-defined policies and standard release/SLA.
- Lowest cost, minimal infrastructure overhead (no TCO).
- Excellent for companies seeking fast deployment, simplicity, and top cost‑effectiveness.
Best cost-benefit: The Essential plan delivers the lowest total cost and fastest time-to-value. It’s perfect for organizations that prioritize efficiency, simplicity, and quick SaaS deployment with minimal investment.
PRIVATE (Single‑Tenant SaaS)
- Dedicated cloud instance for each customer.
- Porttus-defined policies, customizable release versions, standard SLA.
- Infrastructure costs (customer covers own infra) but no TCO.
- Offers greater control, customization, security, and privacy.
The Standard plan strikes a balanced middle-ground—offering dedicated architecture and customization while leveraging cloud benefits without full TCO exposure.
PREMISE (Single‑Tenant On‑Premises)
- Installed on the client’s own servers.
- Fully dedicated solution with customer-defined policies and releases.
- Adapted SLA and maximum infrastructure control, with lower recurring costs but full TCO responsibility.
- Ideal for organizations demanding ultimate security, flexibility, and autonomy.
Best control and customization: The Premium plan provides the highest degree of control, since it’s implemented on-premises with complete policy ownership, customizable releases, and tailored SLAs. This is ideal for companies needing maximum confidence in their infrastructure and regulatory adherence.
LICENSING MODEL
Licenses are calculated based on the number of active users monitored and the total number of integrated systems — independent of company size or revenue.