Skip to Content
avatar image
Former Member

Impact analysis in SAP GRC BRM

Dear experts,

I would like to understand the purpose of impact analysis for user and business roles in GRC access control - BRM, and how it is different from normal risk analysis.

I have gone through different thread, notes and was not able to find the relevant information.

Thanks in advance,

Trilok kola.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • avatar image
    Former Member
    Jun 21, 2017 at 12:49 PM

    It is fundamentally a simulation of what new violations would be introduced in any related composite/Business roles that would be updated, as well as the impact if those very same roles are already assigned to existing users.

    Add comment
    10|10000 characters needed characters exceeded

  • Jun 30, 2017 at 03:39 PM

    BRM Impact Analysis

    BRM Role change process involves Risk Analysis and Impact Analysis

    1. Risk Analysis – To make sure that the role being created/modified don’t have any SOD violations.

    2. Impact Analysis – To make sure that the role being created/modified doesn’t create any SOD violations for the users already assigned to it or the Composite/Business roles using it.

    Thanks

    Ramesh

    Add comment
    10|10000 characters needed characters exceeded