cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SOD Scanning across multiple ID's?

sarah_klobe
Explorer

on ‎08-11-2016 6:03 PM

0 Kudos

We are using GRC AC 10.1 SP11. We would like the option to scan for segregation of duties across ID's for two reasons. 1. We assign individual firefight ID's to users and would like to scan to see if someone has a SOD between their standard ID and their firefight ID. 2. We would also like to scan across multiple people to make sure Jane and John Doe do not have a SOD together.

Is there functionality available within the standard GRC offering to allow us to do this?

Thanks,

Sarah

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

kevin_tucholke1
Contributor
‎08-11-2016 6:16 PM
0 Kudos

Sarah:

We do have availabiltiy to scan both FFID and FFID User together.  Use the Include FFIDs feature in the Additional Criteria area in the User Level Risk Analysis.

We do NOT have the availablity to scan across 2 separate people.  You would need to do a User Level Simulation on Jane, and simulate the Roles from John to get your result.  What you could do is start a Model User Request for Jane, model after John, add all of Johns roles and then run the risk analysis.

This second situation, if it happens, would be considered collusion and that is not covered in any SoD or Critical Access risk analysis.

Hope this helps,

Kevin Tucholke

SAP America

Show replies
Show replies
sarah_klobe
Explorer
‎08-15-2016 2:13 PM
0 Kudos

Thanks for the quick response Kevin. We found parameter 1038 but misunderstood how it worked. I am in the process of getting all of our sync jobs to run in our QA environment so I can confirm this will work for us.

I will update this post with my findings.

Thanks!

Sarah

Ask a Question