Am in the process of implementing GRC 10 with the following components for a pharma client.
Access Risk Analysis (ARA)
Access Request Management (ARM)
Emergency Access (Firefighter)
Business Role Management (BRM)
I just wanted to know your views on what kind of approach is better?. Please comment your views with your best approach.
My view is to first implement ARA and EAM together and then go ahead with ARM and BRM packed together.
Thank You for your idea.