Skip to Content
author's profile photo Former Member
Former Member

Compliance Calibrator 5.2 RTA for Non-SAP Apps

Hi all,

Can SoD rules be written for analyzing a Users access to SAP and NON-SAP applications across the enterprise?

If yes will CC RTA need to be installed on the NON-SAP application?

If yes are there any requirements that need to be met by NON-SAP application and is there a list of NON-SAP applications (other than-Peoplesoft, Oracle, Hyperion, JD Edwards) that CC has an RTA for?

Is there any documentation specific to aplications that can support CC RTAs and installation on these?

-Cheers

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • author's profile photo Former Member
    Former Member
    Posted on Sep 19, 2007 at 03:03 PM

    Hi,

    Yes SoD rules can be written for analyzing user accesses to SAP and non-SAP applications.

    Basically there is no other application for which an RTA exists, but there is a documentation discussing the technical requirements for file generation from the non-SAP systems for integration of non-SAP Systems with SAP Compliance Calibrator.

    This documentation is available in http://service.sap.com/rkt-grchttp://service.sap.com/rkt-grc">http://service.sap.com/rkt-grc>

    under SAP GRC Access Control 5.2 -> SAP GRC Compliance Calibrator 5.2 -> Step2: Prepare for your project -> Cross Application Material

    You'll need your OSS user-id to access that page; in case you cannot access it, please post a message in the OSS.

    Rgds,

    Karim

    Add a comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      As customer, you should have access to that place; please post a message in the OSS (SAP Support Portal) indicating the URL you try to access and the fact you cannot access it.

      Thanks to that, you'll also have access to other interesting material

      Karim

  • author's profile photo Former Member
    Former Member
    Posted on Sep 20, 2007 at 10:47 PM

    Hi,

    For non SAP Systems where RTA is not available, you can perform risk analysis using offline risk analysis.

    The main steps for this are the following:

    - Integration between frontend (CC) and backend (non SAP System)

    - User / Role / Profile data extraction from non SAP System into flat files following CC Data Mapping templates

    - Load such data into CC Database using CC Data Extractor

    - Perform risk analysis

    Hope this helps. Regards,

    Imanol

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.