Skip to Content
author's profile photo Former Member
Former Member

GRC 10 work can cater multiple ECCs?

Hello Experts,

I have the below scenario;

1) System "A" - ECC 6 with GRC 10.X

2) System "B" ECC 6

Can we make 2 separate policies in System "A" as GRC Policy "GRC-A" and GRC-B". Now used the Policy GRC-A with System A and connect GRC-B Policy with System B?

Is this possible?

Thanks,

Farooq

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Posted on Dec 05, 2014 at 03:44 PM

    Hi Farooq,

    what do you mean by policy? If you are talking about the rule set used in Acess Risk Analysis you can specify several rule sets dedicated to systems.

    Regards,

    Alessandro

    Add a comment
    10|10000 characters needed characters exceeded

    • HI Farooq

      AS you mentioned policy I thought you were asking about PC or RM

      yes you can have multiple ECCS. Map them to a different logical system. In complex landscapes, a company might have dedicated systems for process areas, regions and/or companies.

      for example you might have an ecc system for HR/Py and one for finance. your risks would be different for each system.

      regards

      Colleen

  • author's profile photo Former Member
    Former Member
    Posted on Dec 05, 2014 at 10:47 PM

    Thank you Colleen, I think I know the answer based on your feedback but I just wanted to confirm base on the below diagram, Is the below requirement in the picture achievable?

    Thanks in advance.

    Farooq


    Capture2.PNG (14.1 kB)
    Add a comment
    10|10000 characters needed characters exceeded

    • Hi Farooq

      I thought that's what you meant. But I also took your diagram to mean a "shared common set of rules" and own systems.

      At the end of the day you need 3 logical systems to cover your 3 scenarios in the integration framework.

      Within the rule set definition it's the function data that references system. So you would need to maintain the functions to action/permission mapping for each of your 3 scenarios.

      For example

      North America

      FUNC_A is for connector ECC_NA with Action ABC

      FUNC_B is for connector ECC_NA with Action CDE

      RISK A is then FUNC_A and FUNC_B

      Rule generated would be ABC with CDE

      Europe

      FUNC_C is for connector ECC_EU with Action DEF

      FUNC_D is for connector ECC_EU with Action GHI

      RISK B is then FUNC_C and FUNC_D as a combination

      Rule generated would be combination of DEF and GHI

      Global

      FUNC_E is for connector ECC_GBL with Action JKL

      FUNC_F is for connector ECC_GBL with Action MNO

      RISK B is then FUNC_E and FUNC_F as a combination

      Rule generated would be combination of JKL and MNO

      You can then build your 3 rule sets and map the appropriate risks to them

      RULESET_NA - RISK_A

      RULESET_EU - RISK_B

      RULESET_GLB - RISK_C

      Also, you could have a 4th scenario for 'GLOBAL' that applies to all of them. This could cover system admin access so you only need to map the functions to actions onece. Within the integration framework you would then assign your 3 ECC system to the GLOBAL system. In this situation, each connector would be mapped to 2 logical systems. I must admit, I have not tried this but visualise it occurring this way to prevent duplication.

      If you didn't do the 4th logical system for shared you would then have to map each system to action for the same function. For example, SU01 would then be

      FUNC_SU01 is for connector ECC_NA with Action SU01

      FUNC_SU01 is for connector ECC_EU with Action SU01

      FUNC_SU01 is for connector ECC_GBL with Action SU01

      Let me know if this makes sense. I recommend you prototype with a small rule set and play around with the mappings to come up with your solution. It sounds like your system landscape is more complex than most due to regional systems.

      Regards

      Colleen

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.