on 08-30-2010 8:20 AM
We have to connect one SAP GRC AC instance for 2 group companies in 2 separate ECC backend system. There are different rule sets for the companies. I have the following issues-
1. I am facing problem in using ERM and CUP, as during risk analysis in ERM and CUP, it refers to the default rule set configured in RAR and it has to be manully changed depending upon the company for which i am working upon. For example, there are two companies A and B hosted in two different ECC backend system and two rule set have been defined respectively A and B for them in RAR. Now suppose Rule set A has been configured as default rule set in RAR and I am creating a role/user for company B. In such case ERM/CUP does the risk analysis against the rule set A and this gives wrong result as the role user is related to company B. Please advise a workaround for this problem so that we can use a single GRC instance for multiple ECC backend system with different rule sets.
2. Another issue is configuring the user data source in CUP. I can select only one system for user data soruce for searching user details. However if multiple backend system is connected to a single GRC instance how can I set the data source so that I can search users of all the backend systems?
Please suggest,
Regards,
Nitin
Hi all,
Is this issue resolved in SAP GRC 10.0.
Thanks in advanced.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Nitin,
Sorry to say but any of these is not possible out of the box. Here is my response:
1. I am facing problem in using ERM and CUP, as during risk analysis in ERM and CUP, it refers to the default rule set configured in RAR and it has to be manully changed depending upon the company for which i am working upon. For example, there are two companies A and B hosted in two different ECC backend system and two rule set have been defined respectively A and B for them in RAR. Now suppose Rule set A has been configured as default rule set in RAR and I am creating a role/user for company B. In such case ERM/CUP does the risk analysis against the rule set A and this gives wrong result as the role user is related to company B. Please advise a workaround for this problem so that we can use a single GRC instance for multiple ECC backend system with different rule sets.
There is no workaround or solution for this. ERM/CUP would only look at the default ruleset for risk analysis.
2. Another issue is configuring the user data source in CUP. I can select only one system for user data soruce for searching user details. However if multiple backend system is connected to a single GRC instance how can I set the data source so that I an search users of all the backend systems?
There is no workaround here either but you can use the master user source for user search and user data source. Usually, customers tend to use LDAP or HR system as it will contain most of their users.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Alpesh,
Another option may be that instead of creating 2 different rule sets, we can create a single rule set and include all the risks of both the companies in the same rule set with different naming conventions and generate rules for that. We can set this rule set as default rule set in RAR. While doing risk analysis in ERM and CUP, only the risks relevant for the applicable system will be scanned agianst.
Any thoughts?
Regards,
Nitin
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.