The 2011 ruleset update has now been incorporated into 5.3 Support Pack 17 and 10.0 Support Pack 5 which are both in released status. Please see sap note "1604722 Risk Analysis and Remediation Rule Update Q3 2011" for a full summary of the changes made. Please see sap note "1352498 Support Pack Numbering - GRC Access Control" for information on the support pack numbering for Access Control.

As indicated in this note, the ruleset changes are incorporated into 5.3 SP17 and 10.0 SP 5. For new customers implementing Access Control, the rules contained in these support packs contain the most recent version of the delivered ruleset. See sap note "1033326 Risk Analysis and Remediation Rule Upload guidance" for information on how to find the files in 5.3 and upload. In 10.0, you will activate the appropriate GRAC_RA_RULESET* BC_SETS applicable to your system.

For existing customers, you will need to review the updates made per the Word document included in sap note 1604722 and manually make the changes to your ruleset that you believe are applicable in your environment. It is highly recommended that existing customers DON'T reactivate the BC_SETS in 10.0 or reload the text files in 5.3 as it will overwrite your customization. The only option then is to manually make the changes using the Rule Architect functionality.

Please see related sap notes below for previous ruleset updates and other guidance around rulesets.

1446680 Risk Analysis and Remediation Rule Update Q2 2010

1326497 Risk Analysis and Remediation Rule Update Q2 2009

1173980 Risk Analysis and Remediation Rule Update Q2 2008

1083611 Compliance Calibrator Rule Update Q3 2007

1035070 Compliance Calibrator Rule Update Q1 2007

1061380 Compliance Calibrator Rule Update Q2 2006

986996 GRC Access Control- Best Practice for Rules and Risks

1373465 Rule Upload and Rule Import - Explanation of functions

Jayne