Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Regarding critical roles,critical transactions,critical profiles

Former Member
0 Kudos

Hi all,

I want to find the critical roles,critical transactions ,critical profiles in GRC.

Could you please give me any sample examples in a real time scenario for each case.

Thanks,

Joseph.

1 ACCEPTED SOLUTION

Former Member
0 Kudos

Hello Joseph,

1. I want to find the critical roles,critical transactions ,critical profiles in GRC.

A) You can find the critical roles and profiles in the Rule architect TAB under "Critical Roles" & "Critical Profiles"

B) For Critical Transactions you can search the "Risks" in the Rule architect TAB by having Risk type as "Critical Action", and then for each of Critical Action Risks you can drill down to find the transactions contained in them.

2. Could you please give me any sample examples in a real time scenario for each case.

For this you can refer to the above post from Yudit which explains it nicely. Also, you can discuss this with functional people for each module.

Regards,

Hersh.

http://www.linkedin.com/in/hersh13

Edited by: HERSH GUPTA on Feb 5, 2009 4:54 PM

5 REPLIES 5

yudittzruya
Participant
0 Kudos

Hi Joseph,

Critical Profile could be SAP_ALL , SAP_NEW and etc...

Critical Action in finance could be :

Allow Posting to Previous Period(MMRV)

Delete Documents(OBR1)

Close Periods(MMPV)

Change Bank(FI02)

you could check the basic content that comes with the system for the critical action rules

BR

Yudit

Former Member
0 Kudos

Hello Joseph,

1. I want to find the critical roles,critical transactions ,critical profiles in GRC.

A) You can find the critical roles and profiles in the Rule architect TAB under "Critical Roles" & "Critical Profiles"

B) For Critical Transactions you can search the "Risks" in the Rule architect TAB by having Risk type as "Critical Action", and then for each of Critical Action Risks you can drill down to find the transactions contained in them.

2. Could you please give me any sample examples in a real time scenario for each case.

For this you can refer to the above post from Yudit which explains it nicely. Also, you can discuss this with functional people for each module.

Regards,

Hersh.

http://www.linkedin.com/in/hersh13

Edited by: HERSH GUPTA on Feb 5, 2009 4:54 PM

0 Kudos

Hi Joseph

Here is the details of critical profiles available on SAP and below is the text I copied from a note.

BEST PRACTICE RECOMMENDATION: Add "SAP_ALL" type security roles and the

SAP profiles, see list below for profiles, to the Critical Roles and

Critical Profiles table. Then in Configuration > Additional Options >

Ingnore Critical Roles & Profiles change this to setting to YES. This will

prevent long runtimes on roles or profiles that violate every rule. Please

plan to eventually remove these roles and profiles from production access.

SAP_ALL All Authorizations For The SAP System

SAP_NEW All Authorizations For Newly Created Objects

S_A.ADMIN Basis Operator

S_A.CUSTOMIZ All Customizing Access - Complete IMG Access

S_A.DEVELOP Developer Profile - Unrestricted Development Access

S_A.SYSTEM System Administrator (Superuser) Access

S_A.USER All Application Authorizations

You have to talk with your security/basis/functional to find about critical roles.

0 Kudos

Hello Sahad,

can you please provide the number of the note which contains the best practice you posted?

I am very much interested in the full text of the note.

Thank you.

Best regards,

Jürgen Holtz

0 Kudos

HI Jürgen,

Note 1034117 - Management Reports run too long, not updating, or

inaccurate