on 03-18-2010 12:38 PM
Hi,
I currently have a GRC 5.3 system which is connected to an ERP landscape. We are looking to extend this system to allow another location within our company (who have a seperate ERP landscape) to use the same GRC system.
Both locations have very different business processes, so therefore would require different rulesets which is ok. But one ERP landscape works with a CUA and the other does not. Could this pose a problem? Also the provisioning process will be different for both companies. Technically it looks like GRC can accommodate this setup. However I am wondering if anybody has implemented a similar setup and if there were any challenges around CUA/seperate ruleset etc?
Thanks,
Niamh
Nimah,
These set up can work but the issue would be with the ruleset. Even though, RAR allows to have more than one ruleset, you can only make one ruleset as default ruleset. CUP will use the default ruleset to run risk analysis via RAR.
E.g. Location A - Ruleset A (Default)
Location B - Ruleset B
Management report in CUP will only show data coming from the analysis using Ruleset A. CUP will also use only Ruleset A to run risk analysis even when it's running analysis for systems in Location B.
I would recommend you to have separate GRC AC instances due to the compexity of your environment.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.