07-27-2010 10:54 PM
Hi All,
Our requirement is to integrate MDM and GRC for Risk analysis. And i am not sure is it possible or not.
can i get more information on regarding this or documents pls.
Thanks & Regards
SV
07-28-2010 4:53 AM
Hi SV,
As I understand SAP MDM users UME and PFCG roles , hence SAP GRC Access Control can be used for risk analysis.
You can check the documents on Access Control from the below SDN link
http://www.sdn.sap.com/irj/bpx/grc?rid=/webcontent/uuid/00dd6b2e-57a3-2910-8a8c-e083aed57143#section... [original link is broken]
Regards
-Ranjiv
07-27-2010 11:27 PM
Hi,
I don't have too much knowledge about MDM security model.
Anyhow, you will have two choices:
1) Build your own RTA for GRC AC RAR and MDM integration
2) Use data extraction approach
For the second option, you will basically have to:
- Define you MDM SoD Matrix (SAP do not provide out of the box SoD Matrix for MDM)
- Build MDM data extractors (in order to pull out authorizations info)
- Load into RAR MDM auth data extracted
Hope it helps. Regards,
Imanol
07-27-2010 11:29 PM
Just to point out that if MDM uses UME roles (sorry but I am not familiar with MDM model security) you could just use standard eRTA provided by SAP.
07-28-2010 4:53 AM
Hi SV,
As I understand SAP MDM users UME and PFCG roles , hence SAP GRC Access Control can be used for risk analysis.
You can check the documents on Access Control from the below SDN link
http://www.sdn.sap.com/irj/bpx/grc?rid=/webcontent/uuid/00dd6b2e-57a3-2910-8a8c-e083aed57143#section... [original link is broken]
Regards
-Ranjiv