- SAP Community
- Products and Technology
- Additional Q&A
- Newbie Looking for Guidance
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Newbie Looking for Guidance
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 01-09-2014 2:51 PM
Hi All,
I am still new to GRC, and was looking for a bit of guidance from the expereinced players. What would your suggestions be for a new person to learn the ropes well?
Anything that you wish you had know when you first started?
Whats been the hardest thing you have had to deal with?
I appreciate the help, I have been reading all the manuals I have at work, and a lot of the books. Looking for other ways to expand too. Thanks Again!
Brian
Accepted Solutions (1)
Accepted Solutions (1)
Colleen
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Brian
For GRC 10 attend the courses unless via work you have access to a sandpit environment and the manuals. it's an ABAP system so when looking for help there are so many other communities/areas out there for Basis, Workflow, BRF, etc.
You really need a basic understand of SAP landscape and ABAP systems with configuration, etc. Not sure what your background is here. I learned a bit of GRC by debugging the code to figure out what was happening and I'm not a developer!
If designing/building a new system - treat GRC like a business process that is it. Write your design first and figure out exactly what you are trying to achieve before changing the configuration - document it too!! Leverage approach from your colleagues!
For time allocation and scheduling - it will take longer than you anticipate. Especially if SAP just released an SP. There is a change you fixed a bug/issue and it's been reintroduced.
The hardest bit I had to deal with in the beginning was lack of information. GRC300 course helped but the SCN community has really been building up in past 12 months. There is a lot of good content on here and a heap of people with great expertise! I learn a lot just from reading through the threads and trying out the scenarios people consider. I changed my design a few times to incorporate ideas based on questions put forward to this community.
good luck with it all
Cheers
Colleen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Thanks Colleen for the guidance.My background I only grdauted in May with an MSIS in Information Systems, focusing on SAP. So I know the general overview of SAP. I havent dived into any one source a lot though. Most of everything I learned was high over view for a lot.
I have been going through and reading all the manuals and keeping up to date here on the site. Expanding my skills by answering the questions I see that I know. I was wondering how much of other content covered the GRC, it helps to know that Basis and ABAP cover a lot, ill use those sources to learn more also. Once again I want to say thank you for the response.
Brian
Colleen
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi
If you are relatively new and moving in SAP GRC space non-SAP technical skills including business areas (e.g. accounting) as well as business/IT of risk management concepts. Bring that knowledge and it will help you to master GRC.
If you are involved in Access Controls look at learning about ABAP Security (user master, security role, authorisation object). There is a wealth of information out here and the SCN community for security exists. This can give you the basis of the authorisation object, how a user obtains access and then that can assist you with Risk, Analysis and Remediation (take a risk management and segregation of duties theory and combine with SAP security technical knowledge). As well, you can then learn about firefighter and then compliant user provisioning and business role management (building and documenting the security roles)
Part of where to start and how to approach comes down to what sort of job you are doing (power user, joined a consultancy and doing configuration, etc)
Good luck with it all. SAP is massive and you won't master it all. Start with the basics. Read up and reach out to the community
Regards
Colleen
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
This is extremely helpful, I am starting in Access Controls. So I will start with the ABAP Security. My job is Informaiton Security Analyst, in charge of provisioning currently as I learn more.
So far my job has focused and revolved around CUP, and GRC methods. Starting to get more into the Business role management but only been wetting my toes so far. Thanks for the advice and help, I know I wont master all of SAP, just my own little portion.
Brian
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Brian,
Please don't forget to get hands-on experience. Get access to a sandbox in your organization. Decide which GRC do you want to work on. A lot many clients still use 5.3 and are in the process of upgrading to 10.x. If you are familiar with 5.3, then the upgrade process becomes easier. My suggestion would be to read the documentation found at www.sdn.sap.com/irj/sdn/bpx-grc Especially the how-tos. Get your hands dirty and spoil a thing or two and see why/how something happened. There is so much information available that you may get bored. Reading while you are actually working hands-on, works better as some of the things you would read will have been gone through your eyes and will stay longer in your mind. But the idea is to get access to the documentation and know what to read when needed. We are all here to help so don't be afraid to ask questions. Please make sure you have Googled your question first, because the chances are that your question(s) may have been asked and answered by someone already. Everyone who is contributing here has valuable time and please respect it. If you have done your research, then it shows that you are serious.
Sincerely,
Amrit
Colleen
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Amrit,
Thank you for the advice and recommendations! I appreciate the guidance, and will strive to follow what you have said. Currently we are using 5.3 GRC, so I am becoming familiar with that. I understand about reading till you are bored, that was what was happening to me, but I am getting better at it. I will work with more hands-on as I take on more responsibility.
Google or Bing, are normally the first places I always turn too. Since my Grad program, that was how I troubleshot learning configuration of R3. Thank you again from the bottom of my heart for the advice!
Sincerely,
Brian
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Answers (0)
- Help Needed: Developing Reports on Invoices, Payments, and Inventory in SAP Datasphere in Technology Q&A
- SAP BW/4 - revamp and true to the line 2024 in Technology Blogs by Members
- Integrating CDS action in SAP Mobile Services for Data Retrieval in Technology Q&A
- Enhanced RISE with SAP Methodology with clean core quality checks in Enterprise Resource Planning Blogs by SAP
- Jumpstart your cloud ERP journey with guided enablement in RISE with SAP Methodology in Enterprise Resource Planning Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.