SAP GRC - Integration with Access Control


Advertisements

In SAP GRC 10.0 solution, the master data and organization structure is shared across access control, process control and risk management. Process Control also shares certain capabilities with risk management process.

Following are the key features shared with Access Control −

  • Access control and process control shares the compliance structure in below areas −

    • In process control solution, controls are used as mitigation control in access control under SAP GRC 10.0 solution.

    • Access control and process control share same organization.

    • In process control, processes are used as business processes in access control.

    • Process control and access control are integrated with access risk analysis to monitor segregation of duties SoD.

The menu areas common to both Process Control and Risk Management are −

  • GRC Role Assignment
  • Process Control Planner
  • Risk Management Planner
  • Central Delegation
Menu Area

The following are the key integration points between Process Control and Risk Management −

  • New control points can be purposed for Process Control in Risk Management.

  • When a new control is proposed, Process Control needs to evaluate the request from Risk Management.

  • Risk Management uses results from Process Control to evaluate new controls.

  • Risk Management can also use existing controls from Process Control as responses in Risk Management.

Advertisements