SAP Governance, Risk & Compliance Overview
SAP GRC – The Solutions: Access Control 5.3 & 10.0
Access Control components (5.3 name / 10.0 name: function):
Compliant User Provisioning / Access Request Management: Access Management
Enterprise Role Management / Business Role Management: Business Role Governance
Superuser Privilege Management / Emergency Access Management: Superuser Management
Risk Analysis and Remediation / Access Risk Analysis: Risk Analysis
GRC – Process Control
GRC – Risk Management
GRC – Global Trade Services
GRC – Sustainability
GRC – Environmental Health & Safety Compliance
What is the difference? From a technical perspective, SAP has moved from the Java programming language to the Advanced Business Application Programming (ABAP) platform, which enables consistent security and standardized configuration settings across the GRC 10.0 products. This standardization allows centralized administration across all components, and the solution's new platform improves change management processes by leveraging SAP's standard transport system, background job scheduling and archiving features.
Diagram: GRC 5.3 on NetWeaver ABAP/Java, connected to SAP ECC/R/3; GRC 10 on NetWeaver ABAP/Java, connected to SAP ECC/R/3.
Access Request Management
Automates provisioning
Tests for segregation of duties issues
Streamlines approvals to unburden IT staff
Diagram: one GRC system connected to the ECC, BI and CRM target systems.
A few important features of GRC ARM:
The AC product includes some pre-delivered workflows for access management.
One significant enhancement is the ability to incorporate MSMP (Multi Stage Multi Path) workflow configuration into access approval routing.
One initiator rule ID.
Agents/Approvers: Role, Custom Group, Agent ID & Group.
Mass creation.
Access Risk Analysis
Diagram: the four Access Control components ARM, ARA, BRM and EAM.
Risk Analysis and Remediation provides real-time compliance to detect, remove and prevent access and authorization risks by stopping security and control violations before they occur. The ability to perform mass mitigation of SoD risks at the user or risk level allows business users and control owners to experience increased productivity by reducing the time spent on mitigating access risks.
Why ARA: Build rules -> Risk analysis at action / permission levels -> Reports -> Remove access or mitigate -> Free from violations
Ability to filter and save reports and to run multiple custom risk analyses simultaneously; analyses at transaction code and permission level can save risk reports as PDF files.
Crystal Reports is now integrated in the GRC 10.0 solution, enabling report customization and the use of charts and graphs to represent risk analysis. GRC 10 offers mass mitigation of SoD risks at the user or risk level, which allows business users and control owners to experience increased productivity by reducing the time spent on mitigating access risks. In previous versions of the GRC suite, mitigation could only be applied to one user across all systems (instead of a subset of systems).
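The ARA flow above (build rules, analyse at action or permission level, then remediate or mitigate) can be illustrated with a small SoD rule engine. This is an added example, not SAP's code or its delivered rule set; the function, transaction and authorization object names are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Risk:
    risk_id: str
    functions: tuple      # the conflicting business functions
    description: str

@dataclass
class User:
    name: str
    actions: set                      # transactions granted through roles
    permissions: dict                 # authorization object -> set of held values
    mitigations: set = field(default_factory=set)  # risk ids covered by an approved control

# Constructed rule set (illustrative names, not SAP's delivered rules): each
# function lists its actions and the permission an action needs to be effective.
FUNCTIONS = {
    "VENDOR_MAINTAIN": {"ZVEND_CREATE": ("Z_VENDOR", "CREATE")},
    "PAYMENT_RUN":     {"ZPAY_EXECUTE": ("Z_PAYMENT", "EXECUTE")},
}
RISKS = [Risk("R001", ("VENDOR_MAINTAIN", "PAYMENT_RUN"),
              "Create a fictitious vendor and pay it")]

def can_perform(user, function, level):
    """Action level: any action of the function is assigned to the user.
    Permission level: the action is assigned AND its required value is held."""
    for action, (obj, value) in FUNCTIONS[function].items():
        if action not in user.actions:
            continue
        if level == "action" or value in user.permissions.get(obj, set()):
            return True
    return False

def analyze(user, level="permission"):
    """Return {risk_id: 'open' | 'mitigated'} for every SoD risk the user triggers,
    i.e. every risk whose conflicting functions the user can all perform."""
    findings = {}
    for risk in RISKS:
        if all(can_perform(user, f, level) for f in risk.functions):
            status = "mitigated" if risk.risk_id in user.mitigations else "open"
            findings[risk.risk_id] = status
    return findings

# Constructed users: alice holds both transactions but lacks the payment
# permission; bob holds everything and has an approved mitigating control.
alice = User("alice", {"ZVEND_CREATE", "ZPAY_EXECUTE"}, {"Z_VENDOR": {"CREATE"}})
bob = User("bob", {"ZVEND_CREATE", "ZPAY_EXECUTE"},
           {"Z_VENDOR": {"CREATE"}, "Z_PAYMENT": {"EXECUTE"}}, {"R001"})
```

Running `analyze(alice, "action")` reports R001 while `analyze(alice)` does not, which is the false positive that permission-level analysis removes; bob's finding is reported as mitigated rather than open.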
Centralized Emergency Access
No SAP_ALL
Preassigned firefighter IDs
Access restrictions
Validity dates
Field-level changes tracked in audit log
Easy monitoring
Diagram: a single GRC 10.0 system holds the firefighter ID logs (SD, MM, FICO, PP) for the connected ECC 6, BI and CRM systems.
Superuser monitoring capabilities have been moved to a centralized environment in GRC 10.0. Previously, Firefighter had to be installed and configured for each target system. This allows monitoring of emergency access from one GRC system and streamlines the administration process.
Business Role Management
The Business Role Management component of the GRC solution automates role definition and the management of roles.
It provides SAP Security Admins, Role Designers, and Role Owners with a simplified means of documenting and maintaining important role information. Access Control can be the central repository for all SAP systems connected in the landscape.
Business Role Management is tightly integrated with the Access Request Management engine: roles are maintained in BRM, and these same roles are immediately available for use in access requests.
Ensure consistency in naming conventions
Track the status of the role during maintenance
Be the central repository for role management
Identify duplicate or nearly duplicate roles
Identify roles that may no longer be needed
GRC 10.0 BRM Sample Screen