SAP role assignments in complex estates often deviate from original designs over time; Redundant roles often contribute to SoD & operational risk. Xendl set out to build a tool, that supported our mission “to make the complex simple” so we built Solar-Beta. A SAP GRC bolt-on that at its core is a User Access Review tool but is so much more. It is web & mobile-based & has a simple clean UX, it allows role approvers to re-certify or remove access & automates the access removal process but more importantly provides crucial information to the role approver in one place; Transactions, Business process the role can act over, Usage analytics etc. It displays assignment details & validity periods clearly and provides historical certification data available for audit and compliance reviews. The tool dramatically reduces redundancy, helping your organisation cleanse SAP systems of legacy access & tightening your access controls, creating a low access-risk environment for your existing users.


Helps reduce unused, redundant, irrelevant access from users

Helps reduce unused, redundant, irrelevant access from users

Helps remove access from users that are causing SoD’s

Helps maintaining a correct and compliant access domain


Certify / Re-certify user access

Automatically remove uncertified access (no human intervention)

Visualise role content, process, and business process

Drill down on transactional content and usage​

Assignments and validity all

Analytics platform and intelligence module to assist in decision making on role certification and remove roles that add to SoD issues



Europa is a SAP GRC bolt-on tool which empowers any business to manage bottle-necks in their access request processes. With it’s simple and uncluttered user experience it is perfect for non-technical users. It will identify inactive and inappropriate approvers, highly sought after access and access that has become obsolete. It changes GRC technical data with one click and will significantly reduce time and effort spent by administrative teams on supplementing already automated user access management. Europa gives you confidence in your user access management processes and helps reduce to zero these cases in which some human intervention is required.


Empowers the business to control and own and update GRC Master data without ever leaving the Fiori launchpad

Never lose a GRC access request again​

Ensure your user access management process moves smoothly

Reduce bottlenecks and ensure trust in the GRC Access Provisioning Process​


Highlight total inactive approvers / slow moving access requests

Categorise types of bottlenecks, inactive approver, inappropriate approver

Identify bottlenecks in order of impact

Xendl intelligence suggests / propose solutions for bottlenecks so you do not have to​ make changes all in one screen without ever needing to access GRC.​

Integration with all other Xendl Access Control apps



Ceres is a reporting tool perfect for any large-scale access transition projects. Reporting on the progress of access redesign projects is a critical management practice that supports project success, enables informed decision-making, and fosters transparency and accountability throughout the organisation. It ensures that the project remains on track, aligns with organisational goals, and delivers value to the business.

Access redesign projects typically have specific goals and objectives. Regular reporting helps verify whether the project is on track to achieve these objectives and whether any adjustments are required to align with the organisation’s strategic priorities.


Helps businesses gauge their access or role re-design project progress

Attractive and easy-to-use functionality makes it easier for the user to export relevant details in just a single click


SAP GRC bolt-on tool to segregate and visualize users in any defined category based on the access assigned

Readily available metrics for Role Owners, Single Roles, and Business Roles which can be easily exported into an excel for further analysis or process

Venn diagram to easily understand and export users in specific sections, or from the cross-over (common) section



NYX+ is a lightweight Access request management tool built and deployed in the cloud that gives mid-sized organisations a compliant user provisioning solution. It helps Organisations control and manage user access to various resources, systems, applications, and data within their IT infrastructure. It plays a crucial role in ensuring the security and efficiency of an organisation’s digital assets by providing a centralised platform for managing user identities, permissions, and authentication processes.


Helps businesses gauge their access or role re-design project progress


SAP GRC bolt-on tool to segregate and visualize users in any defined category based on the access assigned



Rigel+ is a SoD / critical access reporting tool that does not require an underlying GRC system. It can report SoD / critical access on traditional SAP systems as well as non-SAP cloud applications. A SoD (Segregation of Duties) and critical access monitoring system is crucial for organisations to ensure the security and integrity of their IT systems and data. SoD and critical access monitoring systems / tools are essential components of a robust cybersecurity framework. Helping organisations prevent data breaches, detect and respond to security incidents, comply with regulations, and safeguard their critical assets, ensuring the overall security and success of the organisation.


Deployed in the cloud so non-invasive

Built on Microsoft PowerBi so robust and reliable

Developed at the perfect price point for mid-sized organisations, smaller enterprises



Prevents fraud and misuse, ensures that no single user has access to perform all stages of a critical process. This reduces the risk of fraud or misuse of authority by preventing a single individual from having unchecked control over sensitive operations

Mitigates errors & accidents, by separating duties and critical access, the system reduces the likelihood of accidental or inadvertent errors that could have serious consequences for the organisation

Compliant, many industries and regulatory bodies require companies to implement SoD controls as part of their internal control systems. An SoD and critical access monitoring system help organisations comply with these regulations, such as Sarbanes-Oxley (SOX) for publicly-traded companies

Enhances data security by restricting access to sensitive data and operations, the system minimizes the risk of data breaches, leaks, and unauthorised access to confidential information