• Importance of secure authentication and access governance
• Overview of cloud identity challenges
• Positioning of IAM within SAP landscapes
• End-to-end identity lifecycle overview
• Overview of SAP Identity Access Governance
• Role of IAS in authentication and Single Sign-On
• Role of IAG in access governance and compliance
• Combined IAS–IAG value proposition
• Authentication flows and login mechanisms
• Identity providers and trust configuration
• User stores and identity sources
• Architecture supports scalable authentication
• SAML 2.0 and OpenID Connect overview
• Federation with corporate identity providers
• Trust configuration for SAP and non-SAP apps
• SSO improves user experience and security
• Integration with identity provisioning services
• Attribute mapping and identity synchronization
• Group and role propagation
• User management ensures consistent access
• Access governance framework overview
• Integration with SAP S/4HANA and cloud applications
• Policy-based access control concepts
• Architecture supports centralized governance
• Access request creation and approval workflows
• Role assignment and provisioning process
• Request lifecycle and audit tracking
• Emergency and temporary access handling
• ARM supports controlled access provisioning
• Risk rule set configuration
• Preventive and detective control mechanisms
• Risk mitigation strategies
• Risk analysis ensures compliance
• User and role certification processes
• Audit trails and compliance reporting
• Regulatory and internal audit readiness
• Reviews ensure ongoing access governance
• Governance models for IAM operations
• Integration of IAS and IAG for end-to-end IAM
• Monitoring, logging, and troubleshooting
• Best practices for sustainable identity governance
• Use cases of SAP Identity Access Governance (IAG)
• Comparison between SAP Cloud IAG and SAP GRC Access Control
• Architecture, security, and authorization concepts
• System architecture of SAP IAG
• Positioning of IAG in the SAP Identity and Access Management (IAM) landscape
• Creating and managing subaccounts in SAP BTP
• Security and authorization management in BTP
• SAP Cloud IAG subscription and initial setup
• Subscription request and validation process
• Creating new users in BTP
• Assigning role collections in BTP
• Differences between IAS, IPS, and IAG
• Establishing trust relationship between IAS and IAG
• Managing IAG groups in IAS
• Authentication in cloud systems using IAS or corporate identity providers
• Collaboration between IPS and SAP Cloud IAG
• IPS proxy configuration
• Integration of cloud systems using IPS (with demonstration)
• Initial master data setup for business processes and business function groups
• SAP IAG repository and job analysis
• Synchronizing objects into the IAG repository
• Scheduling and monitoring background jobs
• Uploading SAP risk rulesets
• Risk ruleset validation and user risk analysis
• Custom risk ruleset configuration
• Mitigation control setup
• Dashboard analysis and monitoring
• Risk score policy management
• Access refinement techniques
• Limitations and comparison with SAP GRC Access Control
• Repository synchronization from target systems
• Assigning access to role owners
• Access maintenance in SAP IAG
• Creating business roles in IAG
• Candidate Business Role (CBR) overview
• Simulation and creation of CBRs
• Comparison with SAP GRC Role Management
• Business rules and workflow upload
• Workflow configuration and customization
• Custom field setup (optional)
• Assigning access to different owners
• Access request creation and approval workflow
• Audit trail monitoring
• Job scheduling and log analysis
• Comparison with SAP GRC Access Request Management
• Configuration of access certification campaigns
• Launching and monitoring certification campaigns
• Privileged Access Management (PAM) concepts
• Configuring privileged access
• Monitoring and controlling privileged access activities
• Use cases of IAG Bridge with SAP GRC Access Control
• SAP Cloud Connector overview
• Integration with SAP GRC Access Control systems
• Limitations and future scope of SAP IAG






















