on 05-21-2015 1:53 PM
G'Day All,
I would like to draw upon your collective knowledge in regards to the best practices that needs to be adhered to while implementing/using firefighter (EAM). I acknowledge that there is already an abundance of information as to the technical side of the things here on SCN, so to be specific I am more interested in:
Regards,
Leo..
Hi Leo,
first of all.. welcome back 🙂
Regarding your post... did you check my process documents for firefighters? Maybe they are helpful for an overview.
http://scn.sap.com/community/grc/blog/2014/03/03/firefighter-id-lifecycle
http://scn.sap.com/community/grc/blog/2014/03/07/firefighter-id-user-assignment-lifecycle
Also check the documents regarding mitigating controls and internal controls:
http://scn.sap.com/docs/DOC-53355
http://scn.sap.com/docs/DOC-56548
Looking forward to your feedback.
Cheers,
Ale
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Ale. I know its been quite a while 🙂
I did go through all of the documentation under EAM in your useful documents section and I read these last year but I shall go through them again.
Just quickly though, how does the third option (Log display) of Notification method for the Controller work? I know the other two (Email & Workflow) but how do Controller's get/check the logs using this option and can they approve/add comments etc?
Cheers
Leo..
Dear Leo,
I will provide a document regarding the audit trails from a high level perspective in the next days. Therefore I will move your request to the collaboration topic (hope you don't mind).
Cheers,
Alessandro
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sure Ale, please go for it.
While you are at it, can you specify what's the ideal/recommended escalation time for FF log reviews please? I mean given the importance of it what do you reckon makes the ideal time. 24-48hrs sounds reasonable but then what happens when someone logs in Friday evening or something?
Also the frequency of the background jobs (log collection and workflow sync)??
This isn't just pointed at you, anyone's free to chip in.
Regards,
Leo..
Dear Leo,
regarding the frequency I would recommend to run the log sync hourly. Escalation time depends pretty much on your definition.. and as far as I have seen in several companies it is different from one company to another. Personally I recommend to set it to 3 days (72 hours) as this should be an acceptable time frame for a controller.
Regards,
Alessandro
Leo/ Alessandro,
We have our incremental syncs scheduled for hourly except for the portal sync, which apparently takes several hours to run. (The others are all a minute or less.) If you have to do a portal sync, I suggest scheduling it separately, after you see how long it takes in your landscape.
Gretchen
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.