Risk Terminator: Anyone using it?

Former Member
0 Kudos

Hi,

I would like to find out how many of you are currently using Risk Terminator in R/3 for risk analysis when defining roles in PFCG.

Many thanks in advance. Best regards,

Imanol

Accepted Solutions (1)

Former Member
0 Kudos

Hi Imanol,

Many of the clients for whom I worked have RT enabled. As highlighted in a few of the responses, it is easy to track the risks while generating the roles or assigning roles to the users.

I would definitely vote for it, since RT is a proactive way of identifying the risks. When the options are set to stop generating or assigning when there are risks, RT will not allow you to proceed further, which almost closes any deviations.

However, if you have ERM and CUP tools used in your environment, then probably RT might not be required.

Rgds.

Raghu

Answers (3)

koehntopp
Product and Topic Expert
0 Kudos

Lots of my customers are using it. It's a great way to avoid changes in PFCG introducing risks into single roles without going all the way to ERM.

Frank.

Former Member
0 Kudos

Hi Frank

We had a demo at my previous client's premises via webex and we weren't convinced of its merits but that may have been due to our way of working.

I have to admit to never using it in anger (mostly angry using SAP but there you go) but it appeared to allow users to propose the creation of single roles which would be SoD/critical compliant/mitigated.

I can see that giving only a few users access to this so that a standard way of working and vetting requests might work but, in the version we had, that also meant they had to have access to PFCG in R3 too...that was going to be fixed in a later release?

Very true about the green flag/red flag check whilst still in the Java side of things but wouldn't the workload change for the security dept. in that they were constantly vetting 'instant' requests for new or changed roles instead of the requests going through a proper CAB meeting approval before creation anyway?

Still not convinced that this element really can be more efficient, especially if not controlled, but the SoD quick check would save time doing a simulation in RAR after the role has been created in PFCG via R3, but then you can always delete/start again or modify the role based on the results.

Saying that - isn't GRC going back to the ABAP stack in the AC10 release? How would that affect the role requests?

Sorry for more questions and no answers!

Cheers

David

Former Member
0 Kudos

Imanol,

Per my knowledge, many SAP GRC customers are using Risk Terminator.

It is easier to use with CC 4.0; with 5.x, a lot of settings are required.

Yes, many GRC customers are using it.

Regards,

Surpreet

Former Member
0 Kudos

Hi

Nope! (Thing of evil that it is)

Cheers

David