- SAP Community
- Products and Technology
- Additional Q&A
- GRC Landscape Design
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
GRC Landscape Design
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 04-03-2009 6:23 PM
Hello Experts,
Appreciate if you can please share your views on following points about GRC landscape:
SAP recommendations, 3 tier landscape (or at least 2 tier) for GRC Access Control -->
what is the use of having 3 tier landscape >>
a. Will there be any sort of transports from DEV -> QA -> PRD, if yes then what kind of data can be moved from one system to another (rules/risks,etc..)
b. Can we connect QA and PRD to backend SAP and Oracle PRD systems?
How the data flow is from GRC applications to backend systems.
As per my understanding, in RAR and SPM - data flows only from backend system to GRC side but not vice versa (please correct me if i am wrong).
So similar to this, how is the data flow for other applications.
Would highly appreciate if you can share your experiences !!!!
Thanks
Davinder
Accepted Solutions (1)
Accepted Solutions (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
D P,
Please find my response below:
a. Will there be any sort of transports from DEV -> QA -> PRD, if yes then what kind of data can be moved from one system to another (rules/risks,etc..) You can follow same standard what you have at the client side. You can transfer most of the configuration but not data in CUP and RAR.
b. Can we connect QA and PRD to backend SAP and Oracle PRD systems?
Yes.
How the data flow is from GRC applications to backend systems.
As per my understanding, in RAR and SPM - data flows only from backend system to GRC side but not vice versa (please correct me if i am wrong).
You are right about RAR and SPM. In the case of CUP and ERM, it is vice versa as CUP and ERM provisions users and roles in the SAP backend systems.
So similar to this, how is the data flow for other applications.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Thanks Alpesh,
As you mentioned that it's possible to connect GRC QA and PRD systems to common SAP/Oracle backend PRD system (only if we are using RAR and FF application).
Has any of your customer done this kind of scenario , what would be the pros and cons of this.
I am from Basis side, so please bear with me if my questions are very basic in GRC application functionalty.
1. In 3 tier GRC landscape, what kind of testing can be done in QA system, and is that testing not possible in DEV or PRD. In R/3 system, objects transported from DEV - QA will be completely tested there and after approval, will be moved to PRD - so in GRC landscape what kind of objects can be tested.
2. My GRC application team is asking me to connect both GRC QA, PRD to PRD backend - as they want the testing results to be matching (as data would be same).
3. How can we prove the actual requirement of 3 tier GRC landscape.
Would appreciate your kind help..!!!
Thanks
Davinder
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
D P,
Please find my response below:
1. In 3 tier GRC landscape, what kind of testing can be done in QA system, and is that testing not possible in DEV or PRD. In R/3 system, objects transported from DEV - QA will be completely tested there and after approval, will be moved to PRD - so in GRC landscape what kind of objects can be tested. GRC AC 5.3 only requires one staging server (Dev or QA) before PRD but if customer wants to follow their standard procedure (Dev->QA->PRD) then they can.
2. My GRC application team is asking me to connect both GRC QA, PRD to PRD backend - as they want the testing results to be matching (as data would be same). This would work.
3. How can we prove the actual requirement of 3 tier GRC landscape.
I don't know how you can prove that. It depends on customer requirement and budget.
Regards,
Alpesh
Answers (1)
Answers (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Davinder,
The dev and the QAS clients are for configuring and testing the data respectively.The ultimate destination is PRD.
If your PRD runs in oracle,what is the point in configuring and testing in SAP?
Technically individually the clients can be connected to altogether different ERP systems.
For all practical purposes,it does not make sense to have DEVand QAS in SAP and PRD in oracle.
The data to and fro from GRC to SAP R3/Ecc goes via RFCs.You do this using T/c SM 59.
hope this helps.
Regards
Ramesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Sapphire 2024 user experience and application development sessions in Technology Blogs by SAP
- SAP BW/4 - revamp and true to the line 2024 in Technology Blogs by Members
- Creating a Custom Navigation Side Panel in SAP Analytics Cloud (Optimized Story Experience) in Technology Blogs by SAP
- Exploring GraphQL and REST for SAP Developers in Technology Blogs by SAP
- Quick & Easy Datasphere - When to use Data Flow, Transformation Flow, SQL View? in Technology Blogs by Members
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.