thanks!!

Madhu,

All most everyone has responded about Process control so I am not going to go there. Discovery system V3 was built when I was with SAP. As far as I know, it comes for all four modules (Access enforcer, compliance calibrator, role expert and firefighter) of Access control. I don't think it is available with Process control.

Regards,

Alpesh

GRC Process Control may be loosely coupled with GRC Access Control, but it is really a very distinct solution to a much more expansive problem. Access Control is primarily concerned with user access and preventing segregation of duties or critical access risk. Process Controls encompasses the full range of risks companies face, beyond IT access.

For example, a company puts the following control in place: officers may not fly the company jet on trips to Washington. The company must design a test, which can be automated or manual, to verify that the control works. The company then executes the test, and if they find that officers always flew coach to Washington, then the control would be considered effective.

GRC Process Control is all about how companies manage their controls across the enterprise, which in turn is important in internal and external audits and securities filings. In summary, Process Controls is about the end-to-end process of documenting, approving, testing and certifying all controls, not just IT access, and is a very different solution from GRC Access Control.

Dear Madhu Latha,

SAP GRC Process Control automates the most time-consuming tasks related to Sarbanes-Oxley compliance: controls assessment. It continuously monitors and reports the activities in enterprise applications, and provides drill-down capabilities to facilitate analysis, pinpoint the cause of control violations, and perform remediation, all in real time.

Process Control can integrate with Risk Analysis and Remediation (formerly known as Compliance Calibrator). Risk Analysis and Remediation for SAP software provides real-time compliance monitoring and controls, integrated within your SAP deployment. Risk Analysis and Remediation uses its built-in analysis engine to identify risks associated with Segregation of Duty (SoD), critical actions, and critical permissions. Once identified, you use Risk Analysis and Remediation controls to mitigate or eliminate compliance risks. For more information on Risk Analysis and Remediation, see the SAP GRC Access Control page.

You have:

SAP GRC Process Control 2.0

SAP GRC Process Control 2.5

Visit SAP service market place for more information.

Regards,

Naveen

SAP GRC Process Control u2013 Ensures compliance and enable business process control management by centrally monitoring key controls over cross-enterprise systems.

SAP GRC Compliant User Provisioning (CUP) is the most recent upgrade of the Virsa Access Enforcer tool.The SAP GRC Process Control application provides a risk-based approach to establishing a control environment and identifying the most effective and efficient controls for business processes and cross-enterprise IT systems. It reduces the cost of compliance by streamlining and automating control processes.

SAP GRC Process Control enables you to

1)Implement operational controls to improve business process management.2)Reduce costs without compromising compliance.3) Enable lines of business to effectively mitigate risks