Article

Unlocking the potential of SAP S/4HANA

Transforming your risk, controls and governance

SAP S/4HANA not only brings a tremendous potential for organisations to thrive and become a kinetic enterprise, it also enables them to transform their governance, risk and compliance. With significant SAP S/4HANA implementation experience, our experts from Risk Advisory have identified a number of key success factors.

NextGen governance, risk and compliance

NextGen brings more relevant, faster and more efficient insights to address risks in business processes, leading to better processes and sustainable business.

Compliance needs are ever increasing. Whether SOX, GxP, or other financial and industry regulations apply to you, many will need to be supported by your newborn S/4 systems from day one. Our regulatory compliance experts can help you assess the impact and ensure the right safeguards and controls are included as requirements.

Are processes followed the way they were designed? What risks still reside in them? The wealth of data stored in S/4 HANA can bring your risk analytics to life and help you become an insight driven organisation. 

We help our clients transform to S/4HANA responsibly by giving them confidence, making and keeping their business safe, future proof and sustainable, during and after the transformation.

Controls 4.0

Digital and S/4 also means stepping up from the ‘vintage’ controls framework you may still be working with. While your business is moving to Industry 4.0, internal controls need to follow suit. Controls 4.0 helps you shift to the digital age. As a leading SAP S/4HANA risk and control implementation partner, our vision on control innovation using NextGen controls allows clients to go beyond a compliance-based financial controls process. 

S/4 brings the features to set up your business and general IT controls. If applied correctly. Too often we have seen implementations that focused on business functionality only, neglecting internal controls. Fraud, error and drifting business are the direct consequence. With the right set-up however, you can simplify, eliminate and automate controls, helping your organisation to reduce the cost of controls while enhancing the level of assurance they bring to thrive at the speed of light, confident that the right controls are in place to never miss a turn.

Finance, treasury and the digital controller

The set-up of the finance organisation is at the heart of the S/4HANA journey. Ensuring that the controllership team is engaged from the outset is critical to delivering the benefits from S/4HANA and in turn ensures that the controllership function fundamentally transforms its role, adding greater value to the organisation by harnessing technology. Reliable reporting, smarter close, insight-driven controllership are just a few of the benefits.

How to get these benefits from S/4? Will you go for standard SAP S/4HANA functionality or add BlackLine’s Finance Controls and Automation Platform, or Workiva? The right experience and preparation will see you through.

Treasury risk management can be a game changer for the treasury function, providing insight in real time to drive actions in liquidity, FX exposure and working capital. 

Data risk

Garbage in garbage out… Let’s not do this to your digital transformation platform.

You will kickstart S/4HANA with master data and transactional data from your (current) legacy application landscape. As of the go-live, you will need to continue to manage and govern your data.

Data quality management and data governance will create the foundations to enable robust data quality for swift and accurate business decision-making and error-free straight-through processing. Data profiling and early start of data cleansing will bring a smooth transition and post go-live hypercare period that will not require you to become hyper.

Cybersecurity, ransomware and digital identity

A move to SAP S/4HANA also brings the opportunity and the need to set up security. After all, you will be pooling a significant mass of confidential information, privacy-sensitive data and intellectual property. This means that your security architecture, design, standards, and controls also need a firm brushing up. S/4 comes with a significant change in the security model. Old roles become obsolete, tables have been merged, and the concepts have evolved. A number of new SAP capabilities come into play to manage these risks.

Mobile use of your ERP, Fiori and ecosystem integration bring security challenges as well. Maybe you want to take the opportunity to strengthen your identity and access management? Or simply ensure your infrastructure, network and cloud security are up to standard? Taking this step change enables you to deliver on the secure by design and privacy by design requirements. Before, during or after the COVID crisis, make sure you put the right protection in place. 

Programme risk, quality and testing

As your transformation is business-critical and failure is not an option, you may want independent programme assurance to keep key stakeholders appraised objectively of programme progress, risks and roadblocks. While we aim to provide transformation confidence, risks detected early will trigger pragmatic recommendations. In-flight advice is worth more than an ex-post analysis of a failed project.

Working with iterations in a continuous integration and development mode for your evolving kinetic enterprise, you will want to put in place the right safeguards so ‘haste makes waste’ will not happen to your business. The right quality plan and quality activities, alongside a rightsized testing strategy can go a long way to ensure you are set up for success. The iterative nature of the implementation, linked with quarterly updates of cloud-based S/4 environments, creates the business case for smart test automation. 

Licensing optimization – rightsizing the expenditure and addressing risks

Migrating to S4/HANA introduces new licensing challenges but also provides optimization opportunities for legacy customers in line with the desired Greenfield, Brownfield or Hybrid implementation.


Creating license/contract migration scenarios taking into account the S4/HANA roadmap, provides detailed insight into possible optimization areas and licensing risks (e.g. Digital Access or Indirect Usage). In line with the preferred implementation type, the future SAP licensing requirement, cost and impact of the S4/HANA transformation can be accurately assessed and forecasted. During these assessments, an in-depth view on the preferred changes in key contractual terms and conditions and usage rights is obtained as well to ensure a future-proof contract.


Deloitte is a trusted partner who can help out with bespoke Risk Assessments, Contract Advisory, Digital Access / Indirect Usage reviews, Business Case creation and guidance throughout the process of determining and achieving the optimal contract and licensing position.

How we can help you

Deloitte’s experience in implementing governance, risk and controls for SAP S/4HANA leverages SAP standard functionality and industry practices. We help our clients transform to S/4HANA responsibly by giving them confidence, making and keeping their business safe, future proof and sustainable, during and after the transformation. Our services include initial consultation through to end-to-end design and implementation.

Looking forward to discussing your S/4 HANA risks and transformation ambitions.

Did you find this useful?