- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- Regd : Rules in SAP Virsa
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Regd : Rules in SAP Virsa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-02-2007 11:44 AM
I am a beginner in SAP Virsa. I am having one doubt in it
How to create rule in SAP virsa ? Is this rule is automatically generated for each module ? As as security consultant how can we identify the risks in the Functional module . Is that we need help of functional guys in each module to explain the critical risks. Also i understand that it is Segregation of duties of each employee in organization. But how we identify the risk factors in it. How to generate the corresponding role for it.
Can any one please brief me out ... I am very eager to know about this Virsa. Thanks for your help in advance
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2007 5:15 PM
I agree, the guides are the best place to learn about the GRC applications. Briefly though, in Virsa CC, you only maintain the function groups (list of tcodes) and the risks, the system will generate the corresponding roles which represent all the tcode combinations contained in the conflicting function groups as stated in the particular risk.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-02-2007 12:31 PM
Hi Sanjeev,
It's worth checking out the user guide for c/c:
That will tell you how to create rules or change the ones supplied with the tool & goes the structure of how they are set up.
When identifying the risks you need to get the business and the functional consultants to analyse the existing ruleset and make any changes that are relevant to your business.
The best place for questions on the GRC products is the SDN GRC forum:
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2007 5:15 PM
I agree, the guides are the best place to learn about the GRC applications. Briefly though, in Virsa CC, you only maintain the function groups (list of tcodes) and the risks, the system will generate the corresponding roles which represent all the tcode combinations contained in the conflicting function groups as stated in the particular risk.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-08-2007 6:10 AM
Hi Guys;
Thanks for your useful information and prompt replies....... I will refer those guides prescribed by you.
My last question
Identifying risk in each module is the work of a functional experts ? for example as Security consultant how can we know that what are the risk involved in sales processing or financial accounting etc...
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-08-2007 8:17 AM
Usually business process experts and functional consultants should be involved in identifying the risks in the different area.
Ideally an experienced security consultant would have some of that knowledge, but this takes time to develop.
- SAP Managed Tags:
- Security
