on 07-27-2009 5:57 PM
I have the intermediate knowledge about installing, configuring and administration of all the 4 components of GRC. I know how to interconnect all of them, wherever possible. I tried to go through some of the GRC Forums and found mostly related to my current knowledge about using and configuring GRC Components.
Now would like to know, if this is sufficient for a security admin career in SAP GRC. Do I need more knowledge about some other topics. All the SOD and risk are categorized by Functional owners, therefore, I dont have much idea about them, i only know the administration of GRC.
Thanks,
Sanjay
Hello,
Categorizing risk violations is necessary to know but some part of it will also depend on the organization.We have best pratice content that can guide you on SoD among roles, transactions and category of risk violations but again all this is also customizable as per organization policies.
Harleen
SAP GRC RIG
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
You can find the SAP Best practices content at the following link :
http://help.sap.com/bp_grcv152/GRC_US/HTML/index.htm
Harleen
SAP GRC RIG
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Sanjay,
Following few areas that I would recommend:
- Knowledge of Web-services of Access Control
- Integration knowledge of Access Control with IDM
- Integration knowledge of Access Control with BI for reporting purpose
- Knowledge of Greenlight adapters for Non-SAP systems
Information for above topics is available on BPx --> How-to-Guides. Following is the link:
Where as documents for Greenlight adapters are part of the adapter software.
Best Regards,
Sirish Gullapalli.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Sirish, I will surely go though them. The only one thing i want to clear, is it necessary to have a knowledge about how to categorize risk violations, SOD among roles and transactions as this all is done by functional heads and they provide us the input file we upload into GRC. Not very much idea about all this, but gud in using and adminstration of GRC tools. Is this will be enough to get a job as a full time GRC Security Administrator.
Sanjay
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.