cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Multiple rule sets - impacts in GRC modules

Go to solution
Former Member

on ‎10-13-2008 3:43 PM

0 Kudos

Hi,

We are currently running CC 5.2 on our European perimeter. We would like to extend in the near future to our US perimeter. For that, we have to take into consideration a complete new set of rules.

I presume there will be no issue to handle multiple sets of rules in CC but I was wondering what could be the potential impacts/problems for the other GRC modules?

i.e.: in Role Expert, for the US roles we would like to avoid getting potential risks from European rule sets,...

Has anybody some attention points or good practice to share on that ? It would be a great help for us.

Thanks & Regards

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member366047
Contributor
‎10-13-2008 4:36 PM
0 Kudos

Bill-

As long as you have two separate installations in each of your regions, then you will be fine. Role Expert and Access Enforcer utilize the Default Rule set you define in Compliance Calibrator.

Ankur

Show replies
Show replies
Former Member
‎10-14-2008 8:26 AM
0 Kudos

Hi Ankur,

thank you for your prompt answer but we plan to have only one installation shared by the different regions.

Are there any other mechanisms/solutions we could use (like user exits, ...) to get AE and RE working with multiple rule sets ?

Has someone already tried to use AE and RE with multiple rule sets and shared the experience ?

Thanks,

Bill

Former Member
‎10-14-2008 10:26 AM
0 Kudos

Hello Bill/Ankur,

Yes, you can use muliple rulestes for seggregating US rules from Europe rules and thus you need not have two implementations differently for each of these entities. That is in-fact one of the main features of SAP GRC that you ca manage all your implementation from one single source.

Make one rule-set which just has Europe Rules and make another which has just US ones. Then, when you are doing a risk analysis from AE or from RE, just mark the ruleset corresponding to the entity for whom you wish to do the risk analysis. It would not show results for any other rule set other than what you have selacted as the default ruleset in the CC-->Configuration TAB. Just make sure that when you are doing Risk analysis for Europe, you choose the Europe Rule set and similarly when you do the risk analysis for US, you select the US rule set.

Regards.

Hersh.

Former Member
‎10-15-2008 7:09 AM
0 Kudos

Absolutely correct Hersh, we have linked 3 separate SAP instances located in different parts of India to one single GRC server with each instance having it is own rule book

piyush jain

Answers (1)

Answers (1)

Former Member
‎10-15-2008 8:26 AM
0 Kudos

Different installation of GRC Solutions for different regions is certainly not recommended and not even required. It is important to design your cross system landscape efficiently considering different regions in mind and create different rule sets for different regions. In a cross system landscape you can have multiple systems from different regions with entirely a different set of modules and data. Obviously the risk will be different, for that purpose you have to create different rule sets for sure.

Now when you are performing risk analysis for a particular region you have to select the considered system/connector and a rule set respectively so that you get the risks on targeted system only.

Bill-

as you asked, if there are chances of potential impacts/problems for the other GRC modules or not,

The answer is, There will be no impact at all because you are considering them as separate entities within a landscape. It is the beauty of GRC Access Controls to have multiple system connectors, logical systems and cross system landscape that provides almost every feature to cover all regional perimeters.

Regards,

Amol Bharti

Show replies
Show replies
Ask a Question