cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC - Security Administrator task

Go to solution
Former Member

on ‎07-27-2009 5:57 PM

0 Kudos

I have the intermediate knowledge about installing, configuring and administration of all the 4 components of GRC. I know how to interconnect all of them, wherever possible. I tried to go through some of the GRC Forums and found mostly related to my current knowledge about using and configuring GRC Components.

Now would like to know, if this is sufficient for a security admin career in SAP GRC. Do I need more knowledge about some other topics. All the SOD and risk are categorized by Functional owners, therefore, I dont have much idea about them, i only know the administration of GRC.

Thanks,

Sanjay

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

hkaur
Advisor
Advisor
‎07-28-2009 10:54 AM
0 Kudos

Hello,

Categorizing risk violations is necessary to know but some part of it will also depend on the organization.We have best pratice content that can guide you on SoD among roles, transactions and category of risk violations but again all this is also customizable as per organization policies.

Harleen

SAP GRC RIG

Show replies
Show replies
Former Member
‎07-28-2009 5:15 PM
0 Kudos

Thanks Harleen,

Please could you let me know where can i find the best pratice content to know about SoD about role as you mentioned. Is there any OSS note for that.

Regards,

Sanjay

Edited by: sd6340 on Jul 28, 2009 6:16 PM

Former Member
‎07-29-2009 7:53 AM
0 Kudos

Hi Sanjay,

Please check the SAP notes: 1173980, 986996 for best practices on which SAP rule set is based.

Regards,

Shweta

Answers (2)

Answers (2)

hkaur
Advisor
Advisor
‎07-29-2009 8:21 AM
0 Kudos

Hello,

You can find the SAP Best practices content at the following link :

http://help.sap.com/bp_grcv152/GRC_US/HTML/index.htm

Harleen

SAP GRC RIG

Show replies
Show replies
Former Member
‎07-27-2009 11:33 PM
0 Kudos

Hi Sanjay,

Following few areas that I would recommend:

- Knowledge of Web-services of Access Control

- Integration knowledge of Access Control with IDM

- Integration knowledge of Access Control with BI for reporting purpose

- Knowledge of Greenlight adapters for Non-SAP systems

Information for above topics is available on BPx --> How-to-Guides. Following is the link:

https://wiki.sdn.sap.com/wiki/display/BPX/Governance%2C%20Risk%2C%20and%20Compliance%20%28GRC%29%20H...

Where as documents for Greenlight adapters are part of the adapter software.

Best Regards,

Sirish Gullapalli.

Show replies
Show replies
Former Member
‎07-28-2009 12:22 AM
0 Kudos

Thanks Sirish, I will surely go though them. The only one thing i want to clear, is it necessary to have a knowledge about how to categorize risk violations, SOD among roles and transactions as this all is done by functional heads and they provide us the input file we upload into GRC. Not very much idea about all this, but gud in using and adminstration of GRC tools. Is this will be enough to get a job as a full time GRC Security Administrator.

Sanjay

Ask a Question