SAP = Start Adding Pounds
I can understand the intention behind this; SAP have run out of big companies to sell to, the medium and smaller companies are not spending the money they thought they would, and so they are looking to find other ways to generate more money. Adding security to the portfolio makes a lot of sense.
However, I would question their ability to deliver a satisfactory solution. SAP do have some really good people working for them and as independant consultants; they also have a very large number of bloody useless hangers on that cost the customer a fortune and screw up regularly.
Over the past few months, I've seen some of these; people straight out of a college with a mickey mouse degree in "computing theory" that try to get a starter job in SAP consultancy because they think they will earn so much money. (see below)
Personally, I wouldn't trust a single SAP consultant that I have met to discuss security; they simply don't begin to understand the subject. From what I have seen, most installations have security holes that you drive a truck through; they rely on obscurity to provide the first line of defence.
AC because I really could lose my job for daring to criticise anthing SAP related.