Title:  SAP Authorizations Expert

Requisition ID: 1176
Grade: ISA-Specialist
Country: Austria
Duty Station: Vienna
Category: International Consultant
Type of Job Posting: Internal and External
Employment Type: NonStaff-When Act. Employed
Application deadline: 07-Oct-2022

Vacancy Announcement
Female candidates from all Member States are particularly encouraged to apply.

Organizational Context

The United Nations Industrial Development Organization (UNIDO) is the specialized agency of the United Nations that promotes industrial development for poverty reduction, inclusive globalization and environmental sustainability. The mission of UNIDO, as described in the Lima Declaration adopted at the fifteenth session of the UNIDO General Conference in 2013 as well as the Abu Dhabi Declaration adopted at the eighteenth session of the UNIDO General Conference in 2019, is to promote and accelerate inclusive and sustainable industrial development (ISID) in Member States. The relevance of ISID as an integrated approach to all three pillars of sustainable development is recognized by the 2030 Agenda for Sustainable Development and the related Sustainable Development Goals (SDGs), which will frame United Nations and country efforts towards sustainable development. UNIDO’s mandate is fully recognized in SDG-9, which calls to “Build resilient infrastructure, promote inclusive and sustainable industrialization and foster innovation”. The relevance of ISID, however, applies to a greater or lesser extent to all SDGs. Accordingly, the Organization’s programmatic focus is structured in four strategic priorities: Creating shared prosperity; Advancing economic competitiveness; Safeguarding the environment; and Strengthening knowledge and institutions.


Each of these programmatic fields of activity contains a number of individual programmes, which are implemented in a holistic manner to achieve effective outcomes and impacts through UNIDO’s four enabling functions: (i) technical cooperation; (ii) analytical and research functions and policy advisory services; (iii) normative functions and standards and quality-related activities; and (iv) convening and partnerships for knowledge transfer, networking and industrial cooperation. Such core functions are carried out in Departments/Offices in its Headquarters, Regional Offices and Hubs and Country Offices.

The Information Technology and Digitalization Services (COR/DIG) focuses on enabling the Organization through new and innovative digital technologies, while ensuring secure, reliable, effective and efficient information technology (IT) services towards the achievement of strategic objectives and UNIDO’s ISID mandate. IT services include the management and development of web, digital and business solutions; maintaining a robust data center and infrastructure; managing the cybersecurity programme; providing efficient end-user solutions and support; ensuring knowledge management; data-driven analytics and business intelligence; and platforms for enabling transparent external relations with Member States, partners and civil society.


The Information Technology and Digitalization Services:


  • Manages and implements IT and digitization strategies and solutions, for setting and enforcing common IT standards and best practices throughout UNIDO;
  • Manages corporate IT services;
  • In close cooperation with the Coordination and Integration Support Division (IET/CIS) and the Quality, Impact and Accountability (IET/QUA) Division, ensures from an operational and technical perspective, that applications and systems are implemented in an integrated, sustainable and secure manner following best practices;
  • Provides value-added for the Organization based on cost-benefit considerations in pursuit of the principles of Result-Based Management and delivering overall continuous improvement of the Organization’s operations;
  • Coordinates a Service Desk which is the single point of contact for requests from the UNIDO workforce positioned both at Headquarters and the field.


Functions of the Information Technology and Digitalization Services include:


  • Develop strategies, plan, enable, and support major initiatives aimed at transforming UNIDO’s future IT infrastructure and business operations;
  • Ensure full lifecycle management and continuous improvement to IT systems and services, including Enterprise and Resource Planning (ERP) solutions, web-platforms, knowledge management tools, service delivery, and its underlying infrastructure;
  • In close cooperation with the Member State and Donor Relations Division (GLO/MSR), plan and support the mobilization of regular and extra-budgetary financial resources for the management of the IT budget and resources;
  • Safeguard the integrity and security of IT systems while monitoring the environment, and perform risk assessments to derive and recommend mitigating actions, including policies, standards, baselines, procedures, reporting and guidelines;
  • Develop, manage and review the Organization’s information security management system through risk management, awareness raising and the implementation of cybersecurity best practices to safeguard and protect UNIDO’s data and information assets;
  • Support the Organization in providing digitalization and innovative solutions to transform and improve operations especially back-office processes;
  • Manage and support an extranet platform for Member States and funding partners ensuring that the relevant data and information is available to further increase transparency;
  • Coordinate and manage the operations of the service desk;
  • Provide support to end users, and in close cooperation with the Learning and Development Services (COR/LED), ensure that end-user and training related materials are developed, maintained, and available online to users;
  • Provide online platforms for open data, key documents and publications following IATI standards;
  • In cooperation with stakeholders throughout the Organization, primarily with the Coordination and Integration Support Division (IET/CIS) and the Quality, Impact and Accountability Division (IET/QUA), implement dashboards and analytics, reflecting UNIDO’s contribution to the SDGs; the ISID mandate of economic growth, environmental sustainability and social inclusion; programme/project indicators necessary for monitoring and reporting; as well as other key indicators to measure Organizational impact, efficiency and effectiveness;
  • Manage IT sourcing strategies, contracts and outsourced services;
  • Develop state-of-the-art solutions for IT based internal communication and team working and ensure their use and full integration in existing systems;
  • In cooperation with the Coordination and Integration Support Division (IET/CIS) plan, coordinate and implement ERP-related changes and improvements as well as ensure quality management and risk mitigation;
  • In coordination with the Asset Management and Logistics Services (COR/AML), manage IT assets, including non-tangible assets;
  • Represent UNIDO on communities of practice of Information Communication Technologies (ICT), including formal groups with United Nations system and other IGOs;
  • Plan, manage and coordinate the regular and extra-budgetary financial resources and expenditures for the COR/DIG and plan, manage and coordinate the IT budget for UNIDO;
  • Provide essential Library, Sales Publications and Industrial Development Abstracts (IDA) services;
  • Provide management responses to audit observations and ensure the timely implementation of agreed-upon recommendations;
  • Cooperate with other VBOs and relevant organizational entities as well as external stakeholders with a view to harmonizing and exchanging information to enhance service delivery.


UNIDO uses SAP as the core platform for its business processes. The SAP Authorizations Concept evolved somewhat organically. Most modules were implemented in 2012-2014. Since then, these systems have been technically updated and functionally enhanced.


UNIDO’s External Auditor reviewed UNIDO IT General Controls (IT GC) in 2021, with a strong focus on P2P (Procure to Pay) processes in the SAP ERP and SRM modules. Among other findings, the auditor reported that critical permissions are not properly restricted and that there are Segregation of Duties issues, and recommended a thorough review of UNIDO’s SAP Authorization Concept.


UNIDO requires the services of an expert in SAP Authorization and Governance, Risk and Compliance (GRC) in access management to review the UNIDO Authorization Concept and our roles/authorization structure. We also seek recommendations on a monitoring system fit for UNIDO’s size to oversee privileged account usage and Segregation of Duties (SoD), and to minimize the risk of unauthorized use and fraud.


Description of Activities
Effort Time [1]

Phase I

Information Gathering & Analysis:

  • Applicable Policies and SOPs
  • Run relevant SAP reports
  • Interview workshop(s) with IT Function:
    • Technical Leads
    • Authorization Administrator
    • Cybersecurity Expert
  • Interview workshops with Business Functional Leads:
    • Finance
    • Procurement
    • Human Resources
    • Travel
    • Asset/Material Management
    • Project Management
  • Other interviews/workshops:
    • Data Protection Officer
    • Internal Oversight
    • External Auditor

Report containing:

  • As-Is summary
  • SoD Analysis
  • Technical Analysis and upgrade capability
  • Alignment with best practices in role and authorization maintenance
  • Proposed way forward

Phase II

  • Creation of a new SAP Authorization Concept (consider a future upgrade to the HANA database and systems)
  • Detailed Role / Authorization Structure
  • New SoD Matrix

  • Activity Report
  • New Authorization Concept SOP
  • Detailed Role Structure
  • New SoD Matrix

Phase III

  • Coordinate implementation of new role structure in affected systems:
    • Development
    • Quality
    • Production

  • Closure Report
  • Recommendations Moving Forward


WE FOCUS ON PEOPLE: cooperate to fully reach our potential –and this is true for our colleagues as well as our clients. Emotional intelligence and receptiveness are vital parts of our UNIDO identity.


WE FOCUS ON RESULTS AND RESPONSIBILITIES: focus on planning, organizing and managing our work effectively and efficiently. We are responsible and accountable for achieving our results and meeting our performance standards. This accountability does not end with our colleagues and supervisors, but we also owe it to those we serve and who have trusted us to contribute to a better, safer and healthier world.


WE COMMUNICATE AND EARN TRUST: communicate effectively with one another and build an environment of trust where we can all excel in our work.


WE THINK OUTSIDE THE BOX AND INNOVATE: to stay relevant, we continuously improve, support innovation, share our knowledge and skills, and learn from one another.


  • Advanced university degree in ICT, Computer Engineering, Computer Science, Business Management, Finance, or other relevant discipline is required.
  • A first level university degree or an advanced technical college diploma may be acceptable provided it is combined with a substantial number of years of professional hands-on experience that is directly relevant to the expertise required by the specific assignment.
  • Standing/Recent technical certifications in the area of SAP Authorizations and GRC (Governance, Risk and Compliance) are highly desirable.



Technical and Functional Experience:


A minimum of seven (7) years of work experience in SAP Authorizations, IT General Controls, and Application Security is required. Experience with GRC (Governance, Risk and Compliance) is desirable. Experience with international organizations or multinationals is highly desirable.


Languages: Fluency in written and spoken English is required.


[1] Estimate, and may differ from lapsed time due to scheduling and availability of stakeholders

This appointment is limited to the specified project(s) only and does not carry any expectation of renewal.
Employees of UNIDO are expected at all times to uphold the highest standards of integrity, professionalism and respect for diversity, both at work and outside.
Only persons who fully and unconditionally commit to these values should consider applying for jobs at UNIDO.

All applications must be submitted online through the Online Recruitment System. Correspondence will be undertaken only with candidates who are being considered at an advanced phase of the selection process. Selected candidate(s) may be required to disclose to the Director General the nature and scope of financial and other personal interests and assets in respect of themselves, their spouses and dependents, under the procedures established by the Director General.

Visit the UNIDO web site for details on how to apply: www.unido.org
NOTE: The Director General retains the discretion to make an appointment to this post at a lower level.
Notice to applicants:
UNIDO does not charge any application, processing, training, interviewing, testing or other fee in connection with the application or recruitment process. If you have received a solicitation for the payment of a fee, please disregard it. Vacant positions within UNIDO are advertised on the official UNIDO website. Should you have any questions concerning persons or companies claiming to be recruiting on behalf of UNIDO and requesting payment of a fee, please contact: recruitment@unido.org