Skip to Content
0

PURPOSE OF ACCESS CONTROL COMPONENTS IN GRC

Jun 04, 2017 at 08:57 AM

126

avatar image
Former Member

Hello GRC Team,

CAN ANY ONE EXPLAIN ABOUT THE PURPOSES OF ACCESS CONTROL COMPONENTS AND IN WHAT SCENARIOS WE WILL USE ALL THE ACCESS CONTROL COMPONENTS --> EAM, ARA, BRM & ARM


THANKS

ACHIKI

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

1 Answer

Raj K
Jun 14, 2017 at 05:34 PM
0

Hi Achiki,

GRC Access Control is used for automating the User and Role administration by using workflows ( MSMP and/or BRF+) with just submitting a request.

Below is the description at very very high level, just to give what it is about only.

EAM - Emergency Access Management is all about firefighting activities ( Example a Finance business user doing the Month end activities which are not performed in his day to day activity) where we maintain Firefighter(FF) Owner, FF ID, Controller, Monitor.

ARA - Access Risk Analysis is all about Analyzing the Risk when a new/enhanced role is assigned to user based on Ruleset which contains Risk associated with Actions/permissions.

BRM - Business Role Management is all about maintaining the Roles which will be classified (Critical/High/medium/Low risk), maintaining Role Content owners and Role assignment owners. These are the roles given to users which gives authorization for them to perform their tasks.

ARM - Access Request management is all about Raising the request for the user. It can be adding a user in the backend ECC/SCM system(for example) with necessary roles, Locking or Unlocking the Users, adding or removing roles, Assigning FF ID to user etc.

In order to happen all this, configuration needs to be done for each of the above component.

For more details for each, you can refer to the below blog which is the solid consolidated information from Alessandro Banzer

https://blogs.sap.com/2014/08/19/sap-access-control-useful-documents-blogs-resources-etc/

Regards

Raj

Share
10 |10000 characters needed characters left characters exceeded