Skip to Content
0
Mar 11, 2015 at 06:31 PM

Information about authorization objects and function i.d.s in the GRC assessment.

49 Views

We have created customized transactions in our Utility Company that have not been correctly assessed in GRC. They have all come back with no risk level. These transactions are usually modelled after standard SAP transactions, with additional functionality.

My objective is to have these transactions assigned the correct authorization object and function i.d.s. As I understand it, function i.d.s group related transactions that allow our Security Analyst to perform the GRC assessment. However, I have to first "tag" these custom transactions with the i.d. before the assessment can be done.

For example, we have "ZF01-Maintain Billing Master Data" as a function i.d. We have grouped all the transactions that are related to the master data of a service address of customer under it.

I am trying to correctly assign similar function ids to the custom transactions.