on 09-22-2010 9:24 PM
Hi,
Can someone bring me up to speed on "updates to SAP GRC Ruleset.?"
Our company has been using GRC (AC-RAR-5.3_07.) for almost two years now. At the implementation of the tool, we were provided with an "out of the box" generic ruleset which we used as a guideline for the structure of our environment.
Now as we are progressing; I'd like to know how oftern SAP provides updates to the standard GRC ruleset? Where do we get these? What are other folks doing to give consideration for the new changes? How often are other companies reviewing the new data?
Your help is greatly appreciated!
Regards,
Please check the SAP Notes referred below:
SAP Note 1373465 - Rule Upload and Rule Import - Explanation of functions
SAP Note 1033326 - Risk Analysis and Remediation Rule Upload guidance
SAP Note 986996 - GRC Access Control- Best Practice for Rules and Risks
Regards,
Dipanjan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
jmsreyes ,
best method is to create one message with GRC every quarter and they will update you with correct information
regards,
Surpreet
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I would really guard against updating your ruleset with the SAP standard one every time.
The SAP ruleset is there as a kick start or accellerator. Once you have reviewed it initially, you need to ensure that it fits your organisation's needs. It is deliberately generic as it is designed to assist the majority of companies to start classifying risks.
Once you have localised it to your requirements, you should assess against internal requirements (and your auditors) not just take a global view from SAP's standard.
Simon
Wrong thread - moving post
Edited by: TDCumm16 on Sep 22, 2010 5:06 PM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You have to search for them.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
SAP deliver Rule SEt updates every quarter. Last one is published under SAP note 1446680: Note 1446680 - Risk Analysis and Remediation Rule Update Q2 2010.
You get this updates from SAP Marketplace.
Check also SAP Note 986996.
Hope it helps. Best regards,
Imanol
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.