- SAP Community
- Products and Technology
- Additional Q&A
- RAR Risk Criticality Ratings
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
RAR Risk Criticality Ratings
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 05-06-2008 9:43 PM
Does anyone know how SAP defines the risk criticality ratings for the SAP default ruleset in RAR? For example, what makes a risk Critical vs. High?
Accepted Solutions (0)
Answers (3)
Answers (3)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Thank you both - great feedback
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
You must also keep in mind that the terms "critical" and "high" are different sides of the risk equation. The classic risk equation is Probability x Impact = Risk Level. Substituting the terms above you get: Probability x "Critical" = "High". For RM 2.0 you need to configure the system (or set Quantitative Thresholds in the Org) to create definitions for what the Impact levels mean for your customer (they're subjective until defined). This is true for both Inherent and Residual Risk.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
There is no definition of HIGH, MEDIUM or LOW given therefore you have to decide what your definitionsof these ratings are and whether the standard ruleset suggestions are appropriate for you and your company.
You should treat the standard ruleset as a "starting point" and not as the "end point". Unfortunately alot of companies treat the standard ruleset as though it is perfect in every way. Logically this can not be the case because it would suggest that the standard rulset would be appropriate for all versions of SAP in all countries for all modules and for all legistlative and internnal requirements which it can not be.
Therefore you should start with the standard ruleset and convert it into something that is more appropriate for your business.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
koehntopp
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
As I understand it, critical is never used in the default rule set.
The other levels are just proposals, every customer needs to make their own individual judgement on this. What's HIGH for one company may be irrelevant to another.
Frank.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- SAP Named a Leader in the 2024 Gartner Magic Quadrant for Transportation Management Systems in Supply Chain Management Blogs by SAP
- Why Financial Health Reviews are Crucial in Supplier Evaluation in Spend Management Blogs by SAP
- Empowering Retail Business with a Seamless Data Migration to SAP S/4HANA in Technology Blogs by Members
- The Procurement Monthly - March 2024 in Spend Management Blogs by SAP
- What's New in SAP Asset Performance Management 2403 in Supply Chain Management Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.