In SAP GRC Access Control, the functions that support access certification and review are SOD Review and User Reaffirm. SOD (Segregation of Duties) Review enables organizations to analyze roles and user assignments for potential conflicts, ensuring that access does not violate SoD policies. This review process involves certifying that roles or users do not have conflicting permissions, supporting compliance with security standards. User Reaffirm is used to periodically certify user access, requiring managers or administrators to confirm that users’ assigned roles and permissions remain appropriate for their job functions. This reaffirmation process is critical for access governance, ensuring ongoing compliance and security. Role Review, while related to role maintenance, is not a specific GRC function for access certification, and Role Reaffirm is not a standard term in SAP GRC. By leveraging SOD Review and User Reaffirm, SAP GRC Access Control provides robust tools for maintaining secure and compliant access management, addressing both role-based and user-based risks.