on 08-11-2016 6:03 PM
We are using GRC AC 10.1 SP11. We would like the option to scan for segregation of duties across ID's for two reasons. 1. We assign individual firefight ID's to users and would like to scan to see if someone has a SOD between their standard ID and their firefight ID. 2. We would also like to scan across multiple people to make sure Jane and John Doe do not have a SOD together.
Is there functionality available within the standard GRC offering to allow us to do this?
Thanks,
Sarah
Sarah:
We do have availabiltiy to scan both FFID and FFID User together. Use the Include FFIDs feature in the Additional Criteria area in the User Level Risk Analysis.
We do NOT have the availablity to scan across 2 separate people. You would need to do a User Level Simulation on Jane, and simulate the Roles from John to get your result. What you could do is start a Model User Request for Jane, model after John, add all of Johns roles and then run the risk analysis.
This second situation, if it happens, would be considered collusion and that is not covered in any SoD or Critical Access risk analysis.
Hope this helps,
Kevin Tucholke
SAP America
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.