Migrating from Approva to SAP GRC AC 5.3

Former Member
0 Kudos

Hello All,

One of our clients is using Approva applications; now they are planning to move to SAP GRC Access Controls 5.3, so kindly help me or guide me on how I should proceed.

Key doubts –

1- How do we upload rules in RAR, because we downloaded the rules from Approva?

2- Creation of mitigation controls, etc.

It would be great if someone could share some documents related to the above.

Thanks,

Jagat

Accepted Solutions (1)

koehntopp
Product and Topic Expert
0 Kudos

Hi,

the GRC AC 5.3 Configuration Guide has descriptions for rule set import templates. You can also import the mitigating controls.

The main challenge will be to translate the rule set into the corresponding SAP terminology:

- Risks (description, control target, owner, level, type, functions)

- Functions (system specific tcodes & auth objects)

This should be done by someone who knows a bit about GRC to make sure it creates the same level of analysis, and ideally the same results.

Frank.

Former Member
0 Kudos

Hello Frank,

Thanks for the reply. I know how to create Risks (description, control target, owner, level, type, functions), Functions (system specific tcodes & auth objects), etc. But my doubt is: once we download all the stuff from Approva, how do we proceed after that?

Thanks,

Jagat

koehntopp
Product and Topic Expert
0 Kudos

As I said - convert to AC import files and upload.

Frank.

jitan
Product and Topic Expert
0 Kudos

Hi Jagat,

Once your GRC system is configured, you have to follow these steps:

1. Create system connector

2. Define Master User Source

3. Upload text & authorization objects. (Follow the AC53 Configuration guide to download these files from backend)

4. Now, as Frank has suggested, you have to convert the downloaded Approva files to .txt files. There are 9 .txt files you have to create:

1. Business Process

BusinessProcessId (CHAR 4) LANGUAGE (CHAR 2) DESCRIPTION LANGUAGE (CHAR 120)

*fields are TAB separated

2. Function

FUNCTION ID (CHAR 8) LANGUAGE (CHAR 2) DESCRIPTION LANGUAGE (CHAR 120) FUNCTION SCOPE (CHAR 1 (S:Single System, C: Cross System))

3. Function-Business Process

FUNCTION ID (CHAR 8) BusinessProcessId (CHAR 4)

4. Function-Action

FUNCTION ID (CHAR 8) TRANSACTION (CHAR 20) STATUS (NUMC 1 (0 or 1))

5. Function-Permission

FUNCTION ID (CHAR 8) T-CODE (CHAR 20) OBJECT (CHAR 10) FIELD (CHAR 10) FROM VALUE (CHAR 40) TO VALUE (CHAR 40) SEARCH TYPE (CHAR 3 (AND,OR,NOT)) STATUS (NUMC 1 (0 or 1))

6. Rule Set

RuleSetId (CHAR 8) LANGUAGE (CHAR 2) DESCRIPTION (CHAR 132)

7. Risk ID

RISKID (CHAR 4) FUNCTION_1_ID (CHAR 8) FUNCTION_2_ID (CHAR 8) FUNCTION_3_ID (CHAR 8) FUNCTION_4_ID (CHAR 8) FUNCTION_5_ID (CHAR 8) BusinessProcessId (CHAR 4) PRIORITYDESCRIPTION (NUMC 1 (0=Medium 1=High 2=Low 3=Critical)) STATUS (NUMC 1 (0 or 1)) RISKTYPE (CHAR 1 (1=SoD 2=Critical Action 3=Critical Permission))

8. Risk Description

RISKID (CHAR 4) LANGUAGE (CHAR 2) RISKDESCRIPTION (CHAR 132) DETAILDESCRIPTION (CHAR 1000) CONTROLOBJECTIVE (CHAR 1000)

9. RISK_RULESET

RISKID (CHAR 4) RuleSetId (CHAR 8)

• For more information on templates, follow the configuration guide.

Upload these files and generate the rules.

Hope with this you will be able to continue.

Thanks & Regards,

Jitan
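
A pre-upload check for the converted files, as an added example that is not part of the original thread or of SAP's tooling: it validates TAB-separated rows against the Function-Action and Function-Permission layouts listed in the post above, so that truncated IDs or invalid values are caught before they silently change the risk analysis. The sample rows, the function IDs, and the rule that every permission row needs a matching action row are assumptions made for the illustration.

```python
# Added example: field widths and allowed values are copied from the post above.
# Each column is (name, max_len, allowed values or None), in file order.
LAYOUTS = {
    "function_action": [
        ("FUNCTION ID", 8, None), ("TRANSACTION", 20, None),
        ("STATUS", 1, {"0", "1"}),
    ],
    "function_permission": [
        ("FUNCTION ID", 8, None), ("T-CODE", 20, None), ("OBJECT", 10, None),
        ("FIELD", 10, None), ("FROM VALUE", 40, None), ("TO VALUE", 40, None),
        ("SEARCH TYPE", 3, {"AND", "OR", "NOT"}), ("STATUS", 1, {"0", "1"}),
    ],
}


def validate(kind, text):
    """Return a list of (line_no, message) problems found in one file."""
    layout, problems = LAYOUTS[kind], []
    for no, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue  # ignore blank lines
        cols = line.split("\t")
        if len(cols) != len(layout):
            problems.append((no, f"expected {len(layout)} fields, got {len(cols)}"))
            continue
        for value, (name, width, allowed) in zip(cols, layout):
            if len(value) > width:
                problems.append((no, f"{name} longer than {width} chars: {value!r}"))
            if allowed is not None and value not in allowed:
                problems.append((no, f"{name} not in {sorted(allowed)}: {value!r}"))
    return problems


def orphan_permissions(action_text, permission_text):
    """(function, tcode) pairs with permission rows but no action row (assumed rule)."""
    def pairs(text):
        rows = (l.split("\t") for l in text.splitlines() if l.strip())
        return {(r[0], r[1]) for r in rows if len(r) >= 2}
    return sorted(pairs(permission_text) - pairs(action_text))


# Constructed sample data, not taken from any real rule set.
SAMPLE_ACTIONS = "FN01\tFB60\t1\nFN02\tME21N\t1\n"
SAMPLE_PERMS = (
    "FN01\tFB60\tF_BKPF_BUK\tACTVT\t01\t01\tAND\t1\n"
    "FN02\tME21N\tM_BEST_BSA\tACTVT\t01\t02\tXOR\t1\n"      # invalid search type
    "FUNCTION03\tFK01\tF_LFA1_APP\tACTVT\t01\t01\tOR\t1\n"  # function ID too long
    "FN02\tME21N\tM_BEST_EKO\tACTVT\t01\n"                   # too few fields
)
```

Calling `validate("function_permission", SAMPLE_PERMS)` reports one problem each for lines 2, 3 and 4 of the constructed sample.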

Answers (0)