on 10-13-2008 3:43 PM
Hi,
We are currently running CC 5.2 on our European perimeter. We would like to extend in the near future to our US perimeter. For that, we have to take into consideration a complete new set of rules.
I presume there will be no issue to handle multiple sets of rules in CC but I was wondering what could be the potential impacts/problems for the other GRC modules?
i.e.: in Role Expert, for the US roles we would like to avoid getting potential risks from European rule sets,...
Has anybody some attention points or good practice to share on that ? It would be a great help for us.
Thanks & Regards
Bill-
As long as you have two separate installations in each of your regions, then you will be fine. Role Expert and Access Enforcer utilize the Default Rule set you define in Compliance Calibrator.
Ankur
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ankur,
thank you for your prompt answer but we plan to have only one installation shared by the different regions.
Are there any other mechanisms/solutions we could use (like user exits, ...) to get AE and RE working with multiple rule sets ?
Has someone already tried to use AE and RE with multiple rule sets and shared the experience ?
Thanks,
Bill
Hello Bill/Ankur,
Yes, you can use muliple rulestes for seggregating US rules from Europe rules and thus you need not have two implementations differently for each of these entities. That is in-fact one of the main features of SAP GRC that you ca manage all your implementation from one single source.
Make one rule-set which just has Europe Rules and make another which has just US ones. Then, when you are doing a risk analysis from AE or from RE, just mark the ruleset corresponding to the entity for whom you wish to do the risk analysis. It would not show results for any other rule set other than what you have selacted as the default ruleset in the CC-->Configuration TAB. Just make sure that when you are doing Risk analysis for Europe, you choose the Europe Rule set and similarly when you do the risk analysis for US, you select the US rule set.
Regards.
Hersh.
Different installation of GRC Solutions for different regions is certainly not recommended and not even required. It is important to design your cross system landscape efficiently considering different regions in mind and create different rule sets for different regions. In a cross system landscape you can have multiple systems from different regions with entirely a different set of modules and data. Obviously the risk will be different, for that purpose you have to create different rule sets for sure.
Now when you are performing risk analysis for a particular region you have to select the considered system/connector and a rule set respectively so that you get the risks on targeted system only.
Bill-
as you asked, if there are chances of potential impacts/problems for the other GRC modules or not,
The answer is, There will be no impact at all because you are considering them as separate entities within a landscape. It is the beauty of GRC Access Controls to have multiple system connectors, logical systems and cross system landscape that provides almost every feature to cover all regional perimeters.
Regards,
Amol Bharti
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.