Case Study

Ballance Agri-Nutrients

Balancing SAP update security, speed, and risk at Ballance Agri-Nutrients
71%
reduction in testing effort
92%
risk reduction
75
quality + security standards checked across ABAP code
Farm Header

“Ballance is now current, stable, and keeping pace with SAP security updates and application changes thanks to LiveCompare. Its targeted testing focus enables us to accelerate releases to update much more efficiently.” 

Tim Lloyd – Chief Digital Officer (Acting) – Ballance Agri Nutrients 

Balancing SAP update security, speed, and risk at Ballance Agri-Nutrients

Challenges

Minimizing the security risks and business disruption associated with SAP updates 

Solution

Tricentis LiveCompare and Tricentis Tosca + SYD Consulting 

Minimizing the security risks and business disruption associated with SAP updates 

Background

When you think of digital transformation, Ballance Agri-Nutrients, New Zealand’s largest fertilizer producer and distributor, probably isn’t the first thing that comes to mind. But the farmer-owned cooperative’s impressive achievements in building a strong SAP-driven digital core with sophisticated personalization and IoT connectivity has already caught the attention of SAP, CIO, and Forbes, among others.  

Ensuring that ongoing SAP updates wouldn’t compromise the security or integrity of core business processes was an ongoing concern during the early phases of their digital transformation journey. Performing manual testing to assess the impact of SAP changes was time-consuming and limited in scope, leaving the organization’s business team frustrated and exposed to risk. They knew the path forward required automated inspection at both the ABAP code and business process level. Yet, with numerous high-priority digital transformation initiatives constantly in-flight, they never had sufficient resources to start the project.  

Challenges
  • Ongoing digital transformation projects with ambitious deadlines consuming all available resources 
  • Manual testing by business users was time-consuming and highly disruptive 
  • Releases were commonly delayed in an effort to protect quality and security standards 
  • Existing testing process did not adequately catch all security impacts 
  • Too many quality issues were being introduced at the ABAP code level 
  • Short term: testing patches and BAU transports 
  • Long term: testing for their migration to SAP S/4HANA 

“In my view, LiveCompare is a necessity for organisations attempting to keep up with the release demands of SAP S/4HANA.”  

Tim Lloyd – Chief Digital Officer (Acting) – Ballance Agri Nutrients 

Solution

After choosing a partner to help navigate their testing transformation, Ballance was introduced to Tricentis LiveCompare (AI-powered change impact analysis for SAP updates) and Tricentis Tosca (test automation for SAP).  Under the expert guidance of SYD Consulting, Ballance deployed, adopted, and scaled a solution that integrated Tosca and LiveCompare into SAP ChaRM (SAP change release management).  

LiveCompare helps Ballance understand the risks of implementing security notes and other updates. For example, it can alert the team when a security note changes existing authorizations, such as restricting users’ existing access to critical functions and data-or unexpectedly opening up a role’s access to previously-restricted options. To streamline testing of these changes, LiveCompare identifies exactly which Tosca tests are required and where additional tests should be created. This not only ensures all security risks are covered by testing, it actually reduces the amount of testing required by an average of 71%. Additionally, ABAP code analysis automatically checks compliance to 75 core quality and security standards, exposing errors when they’re most efficient to fix and further reducing the testing effort required.

With the combination of change impact analysis + test automation, Ballance not only achieved their strategic goals for increasing the speed and security of routine updates; they also established an automation strategy that will help them get their S/4HANA migration right the first time.  

Results
  • ABAP code compliance to 75 quality and security standards is automatically enforced 
  • Potential security risks are exposed by automatically analyzing the conflict set and the user’s authorizations in the targeted systems 
  • Nightly analysis and quality scorecards provide insight into issues at the function modules, programs, objects etc. 
  • Breaches related to any potential SAP Authorizations segregation of duties conflicts are exposed automatically 
  • Change impact analysis compares their current SAP configuration and usage against each proposed standard or custom update 
  • Risks to their SAP business processes, system integrations, custom code, security, governance, and more and exposed automatically 
  • Instead of testing everything, testing focuses on the most-at-risk objects in each release (e.g., 320 out of 1117 objects) dramatically increases testing speed and cost-efficiency 
  • Major test gaps (e.g., 60% of risks not covered by existing test suite) identified and covered by test automation 
  • 71% reduction in testing effort