Skip to Content

SOD Ruleset SP20

Feb 04 at 11:36 AM


avatar image


SOD ruleset SP20 contains the FIORI ruleset but these have been delivered as Logical components.

For FIORI do we have to create a cross system risk or logical risks.

A risk contains - 2 Fiori app functions and 2 backend functions.

My query is around how do we define a risk when we have a frontend FIORI system and backend S/4 HANA system



10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

3 Answers

Johannes Teufel Feb 05 at 02:16 PM

according to Note 2539742, there are 2 BC-Sets available, one should be activated on the Fiori frontend server the other one on the backend;from GRC side you can - of course - setup a cross-system check, but as I understand the concept, there is no need; the PFCG roles maintained in the backend require the S_SERVICE object which "represents" technically the authorization to execute the Fiori App.
So a SoD check in the backend seems sufficient.

The Fiori frontend server - as a standalone basic ABAP stack -. would from my perspective only require SoD checks for the BC modules (i.e. transport + workbench), but not for the buisness processes.

10 |10000 characters needed characters left characters exceeded
Shivendra Kumar Pandey Feb 25 at 09:40 AM

Hi Ritesh,

I am also looking to get S4 rule set which can run risk analysis in GRC and how to design custom rule set for S4/fiori apps.

Please share if rule set available.



Show 1 Share
10 |10000 characters needed characters left characters exceeded


You can install the SP20 of GRC 10.1 or GRC V8000 SP06 for S4HANA

Note that there is note - 2539742 which has latest updates. The correction and FIORI ruleset is in KBA 2600114

RITESH SONI Feb 14 at 03:26 AM

Thanks so much for the answer and your time. The new rule set has a risk which is a combination of Functions from FIORI and Backend and all these functions are Single system scope.

10 |10000 characters needed characters left characters exceeded