Skip to Content
avatar image
Former Member

PURPOSE OF ACCESS CONTROL COMPONENTS IN GRC

Hello GRC Team,

CAN ANY ONE EXPLAIN ABOUT THE PURPOSES OF ACCESS CONTROL COMPONENTS AND IN WHAT SCENARIOS WE WILL USE ALL THE ACCESS CONTROL COMPONENTS --> EAM, ARA, BRM & ARM


THANKS

ACHIKI

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Jun 14, 2017 at 05:34 PM

    Hi Achiki,

    GRC Access Control is used for automating the User and Role administration by using workflows ( MSMP and/or BRF+) with just submitting a request.

    Below is the description at very very high level, just to give what it is about only.

    EAM - Emergency Access Management is all about firefighting activities ( Example a Finance business user doing the Month end activities which are not performed in his day to day activity) where we maintain Firefighter(FF) Owner, FF ID, Controller, Monitor.

    ARA - Access Risk Analysis is all about Analyzing the Risk when a new/enhanced role is assigned to user based on Ruleset which contains Risk associated with Actions/permissions.

    BRM - Business Role Management is all about maintaining the Roles which will be classified (Critical/High/medium/Low risk), maintaining Role Content owners and Role assignment owners. These are the roles given to users which gives authorization for them to perform their tasks.

    ARM - Access Request management is all about Raising the request for the user. It can be adding a user in the backend ECC/SCM system(for example) with necessary roles, Locking or Unlocking the Users, adding or removing roles, Assigning FF ID to user etc.

    In order to happen all this, configuration needs to be done for each of the above component.

    For more details for each, you can refer to the below blog which is the solid consolidated information from Alessandro Banzer

    https://blogs.sap.com/2014/08/19/sap-access-control-useful-documents-blogs-resources-etc/

    Regards

    Raj

    Add comment
    10|10000 characters needed characters exceeded