on 04-28-2009 12:10 PM
Hello Friends,
Could you please suggest me some topics for accelerators(functionality related or implementation specific) which you think will help consultants involved in GRC implementations?
Thanks
Harleen
SAP GRC RIG
Hi Harleen,
I would love a document (best practice) how to approach customization of the rule set. Not technically. More of a common guideline to follow for the different stakeholders (functional consultants/security/bpo).
Thx,
Vit
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Harleen
Here are some documentations which we all will love to have
1) Integration and configuration of SAP GRC with SAP IDM along with a demo which should have details about
a) SAP IDM should be able to give the compliance check of a user creation request to all target system in a landscape along with the technical roles to be assigned to SAP GRC
b) After compliance check on SAP GRC for all technical systems along with techincal roles that are going to be assigned in target systems, SAP GRC should call web services of SAP IDM
c) SAP IDM should take the request and should provision to all the target systems
d) This should support the enterprise business concept of SAP IDM
PS:- there are many configuraiton documents which talks about SAP IDM- SAP GRC. But no documents explain how SAP GRC after complaince check can give the request back to SAP IDM and SAP IDM should provision to all the target system in a single go. Ie instead of checking the compliance against a single target system, the compliance check should be done across all the target system along with target techincal roles that comes with enterprise business roles.
I am not sure if SAP GRC and SAP IDM can support this or not ?.
2) Configuration document For Risk analysis for Java components of BI, CRM, SRM incase a central SAP EP Portal is used as front end for accessing java compenents of BI , CRM and SRM.
Hi Harleen,
I guess there is not enough ducomentation regarding EP connectivity and other activities like user creation, Role management, Risk configuration and analysis. It would be great help if you can provide some configuration doc on that.
Regards-Sabita
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
You may think of the following areas:
Process Control:How to interface with Green light Tech for extracting data from Applications other than SAP.
Query:How to extract statistics details like the no of invoices with value more than $10000 during a period
Risk Management:How to capture KRIs in SSM.
Regards
Ramesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the suggestion Hersh !!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Harleen,
1. Functionality related:
What I can suggest you for the same is some document covering the functionalities like :
a) Mass role Update (not sure it has started working for adding an object to n roles or still a bug.)
b) Firefighter troubleshooting for log display.
c) Dervied role creation and modification in ERM.
d) Configuring E-mails for Alerts etc and its troubleshooting.
2. Implementation specific
a) Ideal role name conventions.
b) Requirement gathering w.r.t each of the tools before you start.
c) Ideal strategy for implementation of each tools.
d) Role cleanup strategy in case where SAP is already installed and working but now we are to implement GRC over it.
e) How GRC will be integrated with Non-SAP ERP's.
Regards,
Hersh.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for the suggestions Alpesh.
Harleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello All,
Probably my question was not clear:
Do you have any suggestions for the creation of new GRC documents? Meaning, any topic which you think needs more documentation? I am aware of the documents that are there and want to publish some new ones. So, I need your suggestions on what GRC topics need more documentation?
Harleen
SAP GRC RIG
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Harleen,
In CUP, you can add document around UAR and SOD review with the common issues. You can add document around role reaffirm process and how we can configure role reaffirm email.
In RAR, document around easy way to customize rule set and using logical system.
In ERM, document around best practice to use ERM.
Regards,
Alpesh
hi
you can see that :
I hope it will help you because I am not sure I understood your question
regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
There is a very good link to find GRC accelerators.
1) https://www.sdn.sap.com/irj/scn/grc-elearning
2) Login to service marketplace, https://websmp109.sap-ag.de/instguides
--> SAP BusinessObjects governance, risk, compliance (GRC)
--> Access Control
--> SAP GRC Access Control 5.3
Here you will get the installation guide, Configuration guide, master guide, Security guide etc etc.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.