Skip to Content
avatar image
Former Member

Mitigation controls for cybersecurity in GRC AC

Hi Experts,

We are implementing cybersecurity in our company which covers IT and OT security. Can anyone please advise if we can leverage GRC 10.X mitigation controls capability and include our cybersecurity controls ?



Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Jun 19, 2015 at 11:02 AM

    If it in anyway concerns someones SAP authorisation accesses, you should be able to.

    Are you planning to utilise the Mitigating Control library to document non-SAP risks? Or are you utilising SAP reports to monitor non-SAP related security issues?

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      No harm in using the GRC AC mitigating controls repository like a documentation library, but it will just sit there as a definition and have no real monitoring ability, even in the forms of a GRC report.

      Unless you are using 3rd party connectors to connect to the Non-SAP system and analyse Action level violations.

      Hope that answers your question.