on 02-04-2018 11:36 AM
Hi,
SOD ruleset SP20 contains the FIORI ruleset but these have been delivered as Logical components.
For FIORI do we have to create a cross system risk or logical risks.
A risk contains - 2 Fiori app functions and 2 backend functions.
My query is around how do we define a risk when we have a frontend FIORI system and backend S/4 HANA system
Regards,
Ritesh
according to Note 2539742, there are 2 BC-Sets available, one should be activated on the Fiori frontend server the other one on the backend;from GRC side you can - of course - setup a cross-system check, but as I understand the concept, there is no need; the PFCG roles maintained in the backend require the S_SERVICE object which "represents" technically the authorization to execute the Fiori App.
So a SoD check in the backend seems sufficient.
The Fiori frontend server - as a standalone basic ABAP stack -. would from my perspective only require SoD checks for the BC modules (i.e. transport + workbench), but not for the buisness processes.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ritesh,
I am also looking to get S4 rule set which can run risk analysis in GRC and how to design custom rule set for S4/fiori apps.
Please share if rule set available.
Thanks,
Shivendra
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks so much for the answer and your time. The new rule set has a risk which is a combination of Functions from FIORI and Backend and all these functions are Single system scope.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
13 | |
2 | |
2 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 | |
1 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.