on 05-05-2012 1:19 PM
Hi there,
We have a 2-tier landscape of GRC10 with DEV & PRD. We are considering the following approach when making changes to rules and I'm wondering if this would be considered best practice / viable / or not a good idea:
It was mentioned to us that in terms of change history we would be able to keep a more meaningful change history this way (without all the trial and error changes reflected), and in addition it gives us the opportunity to test what works first (because we are all relatively new to GRC).
Hoping for guidance!
Many thanks,
Lisa
Lisa:
This was one of the complaints that most customers had with the AC5.3 Version that changes could not be transported. AC10 give you the abiltiy to allow the transport of the rule set. While this is technically possible, I would not call it a best practice. As I understand it, the transport would also transport the change history from the GRC Configuration client through the landscape.
If you choose to go down the route of making changes in Production, you may want to think about implementing the Workflow for Risk / Function changes so that approvals can be captured.
Thanks,
Kevin Tucholke
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Kevin,
I was reading through your response and could not get the statement " AC10 give you the abiltiy to allow the transport of the rule set. While this is technically possible, I would not call it a best practice"
If i am reading it correctly - are you suggesting that transporting rule sets is not a good practice..
Thanks for your additional 2 cents on the transport route for GRC rule sets..
As of now, in our present landscape - we would like to transport GRC AC 10 rule sets from DEV --> QAS --> PRD and since they are transportable, we plan to follow, change management process and normal testing in QAS...
Rgds,
Sri
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.