Skip to Content
0

New Risk Creation - GRC

Feb 02 at 04:39 PM

73

avatar image

new-risk-creation.png

Dear Team,

What is the difference between each Risk Types ( Screen Shots ) and when and under which circumstances should each of these selections be used ?

How is each different from other ?

New Risk Creation Options : -

Risk Type: -

- Segregation of Duties

- Critical Action

- Critical Permission

- Thanks

Raj

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Alessandro Banzer
Feb 02 at 07:58 PM
0

Dear Raj,

looks like you didn't search enough. Check this out: https://blogs.sap.com/2014/04/28/rule-set-rules-rule-types/

If, after reading this blog, you still have questions, please come back and ask them.

Cheers, Alessandro

Share
10 |10000 characters needed characters left characters exceeded
Rajashekar BC Feb 03 at 02:11 PM
0

Dear Alessandro, One of the prime reasons of what ever foundation knowledge of GRC Access Control I know, is because of your blogs. They are coliseum and helpful. Thank You for that!

We encountered an precarious instance. Here it is { With Chart Screen Shot } : -

Activation of SAP provided risks for Business Process: - HR and Payroll for sensitive actions : -

Option 1: - If HR07 – HR Master data function is the only function which might cause a risk ( because of the actions and permission levels in this function ) then risk HRMD with Critical Action has to be activated.

Option 2: - If it is between A. Action and permission levels of one function HR03, B. Action and permission levels of another function HR06 & C. Action and permission levels levels of an additional function HR07 then risk types to be selected ( + activated ) will be: -

  • Critical Action risk ID HRMD for function HR07
  • Critical Action risk ID HRCT for function HR06
  • SoD risk ID H001, H007, H008, H014, H015 for function HR03 have to be activated.

Which option has to be considered for activation. Will it be risk ID of Option 1 or risk id's of Option 2 ?

Your views on the process to be followed.

- Thanks


03-02-2018.png (52.0 kB)
Share
10 |10000 characters needed characters left characters exceeded