Authorization management, especially critical access and segregation of duties (SoD), are central topics of audits. Therefore, many companies introduce central solutions to technically support or control these issues. The global ERP system is particularly important here. The introduction of SAP Governance, Risk & Compliance (GRC) has become an elementary component of the SAP lifecycle, as processes such as change management can be supported centrally and system-oriented. QFINITY∞ introduces SAP CHaRM (Change Request Management) for various SAP systems around the world at one of the leading pharmaceutical manufacturers as a technical expert and project manager.