cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

GRC Ruleset Best Practices for Quantity of High, Medium and Low Risks

Former Member

on ‎07-30-2014 7:46 PM

0 Kudos

Hello,

I am beginning to investigate our ruleset in order to validate each risk. Knowing that each ruleset is specific to it's organization, I am curious if there are any sources that list typical risk level calssification for each risk. I am hoping to find a resource to compare the typical risk level classification against my current ruleset.

Any ideas and help is greatly appreciated.

Thanks,

Nathan K.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎07-30-2014 8:22 PM
0 Kudos

hi Nathan,

SAP provide pre defined rules as text files in 5.x and as BC sets for activation in 10.0. You should be able to find the BC sets within your system (should contain the words GRAC and RULESET). Over the years the rule sets delivered by SAP have been updated and refined, but majority of the rules defined have remained the same as a whole.

From these pre delivered rules you should be able to compare the "standard" definition to your custom rule definitions.

I Hope that helps.

Show replies
Show replies
Ask a Question