GRC was introduced in 2006
1. SAP acquired VIRSA and renamed it GRC.
2. SAP GRC enables organizations to manage regulations and compliance and remove any risk in managing the organization's key operations.
3. It consists of three main areas: analyze, manage and monitor.
Modules in SAP GRC
- SAP GRC access control
- SAP GRC process control
- SAP GRC Risk management
- SAP GRC global trade services
- Nota fiscal electronica
VIRSA 4.0 ---> Access Enforcer (AE)
GRC AC 5.3 ---> Compliant User Provisioning (CUP)
GRC AC 10, 10.1 ---> Access Request Management (ARM)
1. SAP GRC access control -
- automate approvals through workflow
- auto provisioning - auto user maintenance
User administration - User creation, User modification and User deletion.
Process to be followed for user administration:
SAP access form ---> approved by reporting mgr ---> approved by role owner ---> security team will create/delete the req
Automation & workflow design for the below:
- User administration
- Role approval
- Function maintenance
- Risk maintenance
- FF log report review
- Risk analysis - SOD review & user access review
- Mitigation control - maintenance & assignments
Process IDs (workflow types)
| Process ID | Workflow |
| --- | --- |
| SAP_GRAC_ACCESS_REQUEST | access request approval workflow |
| SAP_GRAC_ACCESS_REQUEST_HR | access request approval for HR OM objects workflow |
| SAP_GRAC_CONTROL_ASGN | control assignment approval workflow |
| SAP_GRAC_CONTROL_MAINT | mitigation control maintenance workflow |
| SAP_GRAC_FIREFIGHT_LOG_REPORT | firefighter log report review workflow |
| SAP_GRAC_FUNC_APPR | function approval workflow |
| SAP_GRAC_RISK_APPR | risk approval workflow |
| SAP_GRAC_ROLE_APPR | role approval workflow |
| SAP_GRAC_SOD_RISK_REVIEW | SOD risk review workflow |
| SAP_GRAC_USER_ACCESS_REVIEW | user access review workflow |
Maintaining settings for HR trigger
Maintain SLA (service level agreements)
- An SLA can be defined based on process ID (workflow type)
- It can't be defined based on request type
Define request type - correctly map the request type to the process ID or workflow type.
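The SLA and request-type rules above, as an added example that is not part of the original notes and not SAP code: a Python check that resolves an SLA through the process ID and flags request types mapped to an unknown process ID or to one with no SLA. The request type names and SLA values (in days) are constructed assumptions; the process IDs are a subset of those listed on this page.

```python
"""Consistency check: request type -> process ID -> SLA (constructed data)."""

# Subset of the process IDs (workflow types) listed on this page.
KNOWN_PROCESS_IDS = {
    "SAP_GRAC_ACCESS_REQUEST",
    "SAP_GRAC_ACCESS_REQUEST_HR",
    "SAP_GRAC_ROLE_APPR",
    "SAP_GRAC_USER_ACCESS_REVIEW",
}

# Constructed sample: request type names and SLA days are assumptions.
REQUEST_TYPE_TO_PROCESS = {
    "NEW_ACCOUNT": "SAP_GRAC_ACCESS_REQUEST",
    "CHANGE_ACCOUNT": "SAP_GRAC_ACCESS_REQUEST",
    "HR_HIRE": "SAP_GRAC_ACCESS_REQUEST_HR",
    "DELETE_ACCOUNT": "SAP_GRAC_ACCESS_REQ",   # typo: not a known process ID
    "ROLE_CHANGE": "SAP_GRAC_ROLE_APPR",       # valid ID, but no SLA defined
}
SLA_DAYS_BY_PROCESS = {
    "SAP_GRAC_ACCESS_REQUEST": 3,
    "SAP_GRAC_ACCESS_REQUEST_HR": 1,
}


def resolve_sla(request_type):
    """Return the SLA for a request type, looked up via its process ID."""
    process_id = REQUEST_TYPE_TO_PROCESS.get(request_type)
    if process_id not in KNOWN_PROCESS_IDS:
        return None  # unmapped or mis-mapped: no workflow, so no SLA
    return SLA_DAYS_BY_PROCESS.get(process_id)


def audit_mapping():
    """List request types that would run without a valid workflow or SLA."""
    findings = []
    for request_type, process_id in sorted(REQUEST_TYPE_TO_PROCESS.items()):
        if process_id not in KNOWN_PROCESS_IDS:
            findings.append((request_type, "unknown process ID " + process_id))
        elif process_id not in SLA_DAYS_BY_PROCESS:
            findings.append((request_type, "no SLA for " + process_id))
    return findings


if __name__ == "__main__":
    for request_type, problem in audit_mapping():
        print(f"{request_type}: {problem}")
```

Two request types share one SLA here because the SLA hangs off the process ID; a request type that points at a misspelled process ID silently ends up with neither an approval workflow nor an SLA.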