Mar 13, 2012 - 11:37AM
#1
Compliance Forum March 27 on Access Control 10.0
Practical tips for implementing - and integrating - the 4 components of Access Control 10.0: Q&A with SAP GRC expert Simon Persin

You have various deployment options for the 4 individual components of SAP BusinessObjects Access Control 10.0. But there are also powerful integration options for risk analysis (RAR), user provisioning (CUP), role management (ERM), and super user management (SPM). How can you fully optimize Access Control for your organization?

Post your questions in an exclusive one-hour online Q&A with expert, consultant, and GRC 2012 speaker Simon Persin of Turnkey Consulting, Tuesday, March 27 at 11am-12pm EDT here in the Compliance Forum.

To post your question, first log in to Insider Learning Network, and select the “Post Reply” button below. Simon will respond to your questions with his own posts in the forum March 27 from 11am-12pm EDT. Be sure to refresh your browser to view the latest questions.

If you haven't registered for this Q&A, you can still register now to receive the Access Control performance checklist download from Simon Persin’s GRC 2011 session “An Expert Guide to Access Control Performance Optimization”. (Look for the download link in your confirmation email.)

Note: To participate in this exclusive live Q&A you must be a member of Insider Learning Network - join today for free.

Moderated by Allison Martin, conference producer for GRC 2012
Sponsored by GRC 2012 - Milan June 6-8 
Moderated by
Forum Moderator
on Mar 28, 2012 - 11:48AM
Mar 22, 2012 - 6:21PM
#2
Hi Simon, What would be the sequence and frequency recommended to run the ABAP jobs (programs: GRAC_REPOSITORY_OBJECT_SYNC and GRAC_BATCH_RISK_ANALYSIS) that update the Reports & Analytics results in SAP GRC Access Control 10.0 for Access Management? Best regards, Perla S.
Mar 26, 2012 - 4:17AM
#3
Hi Simon.
- Which one has less effort and less risk: an upgrade from GRC 5.2 to GRC 10.0, or is it easier to do a fresh installation?
- If we have to do a fresh installation, can we export the configuration from 5.2 and put it into GRC 10.0?
Cheers. Sandy
Mar 27, 2012 - 10:59AM
#4
Q: Can role assignment conflicts be identified during Risk Analysis and Remediation or only in Compliant User Provisioning? If possible in RAR, how?
Mar 27, 2012 - 10:59AM
#5
Welcome to today's forum on Access Control 10.0 with Simon Persin of Turnkey Consulting. Simon is a featured speaker at GRC 2012 in Milan, coming up June 6-8, and will be presenting a session on today’s topic: Integrating & implementing the 4 components of SAP BusinessObjects Access Control 10.0. To post your question, simply hit the “Post Reply” button, and refresh your browser periodically to see the latest posts. This is an opportunity to ask your questions about Access Control 10.0, its functionality, and how to integrate this functionality for optimal security and controls in your SAP systems. Welcome, Simon, and thank you for joining us today! I know there are already some questions posted for you, so we can get started.
Mar 27, 2012 - 10:59AM
#6
Simon, What's your best practice on updating the ruleset? Of course you can perform this when using the transaction NWBC, but what's your best practice when performing mass maintenance? And if you use upload functionality (like in 5.3), how can you make sure that the upload is done for the correct system (logical / physical)? Regards, Jurgen.
Mar 27, 2012 - 11:01AM
#7
Hi Simon,
What would be the sequence and frequency recommended to run the ABAP jobs (programs: GRAC_REPOSITORY_OBJECT_SYNC and GRAC_BATCH_RISK_ANALYSIS) that update the Reports & Analytics results in SAP GRC Access Control 10.0 for Access Management?
Best regards,
Perla S.
Hi Perla,
With the synchronisation jobs, I would tend to have them all as scheduled periodic background jobs and would suggest the following frequency:
- Authorisation Sync – Perhaps weekly or even less frequently depending on the volume of changes to the core authorisations in the Target system
- Repository Object sync – Hourly
- Action usage – Daily
- Role usage – Daily
I would then run an incremental Batch Risk Analysis on a daily basis after the jobs above. I would also recommend a monthly or weekly full sync to make sure that everything is up to date (ideally outside of core business hours).
Simon
Mar 27, 2012 - 11:05AM
#8
Hi Simon.
- Which one has less effort and less risk: an upgrade from GRC 5.2 to GRC 10.0, or is it easier to do a fresh installation?
- If we have to do a fresh installation, can we export the configuration from 5.2 and put it into GRC 10.0?
Cheers.
Sandy
Hi Sandy,
The official line is that there is no direct upgrade / migration path from 5.2 to 10. You will need to upgrade to 5.3 first and then do the migration of data across. To be honest, with the significant technical shift, you spend almost as much time validating and revalidating the migration that I think that it's easier to think of it as a re-implementation with some accelerators on the ruleset front. I'm not actually sure that exporting and importing the configuration is of much value since you'll more often want to re-assess the key design decisions anyway. Especially with workflow, I would re-implement it directly within GRC 10.
Simon
Mar 27, 2012 - 11:07AM
#9
Simon, In GRC 10, is there any restriction on the number of SoD rules within a risk, as in GRC 5.3?
Mar 27, 2012 - 11:09AM
#10
Q: Can role assignment conflicts be identified during Risk Analysis and Remediation or only in Compliant User Provisioning? If possible in RAR, how?
Hi, You can run risk analysis at numerous levels: the organisation unit; Profile level; role level; and user level. These reports are all in RAR or ARA as it's now identified. If you want the role assignment conflicts, I would lean towards user level analysis as that will advise you on the conflicts arising between roles. You can also simulate potential risks from changes to roles or users as well. Using the access request management (GRC10's CUP module) you can assess the impacts as an integrated check in the request process.
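The difference between role-level and user-level analysis described in the answer above, as an added illustration that is not part of the forum thread and is not SAP GRC code. The ruleset, role names, users and the risk id P001 are constructed sample data, and the model checks actions (transaction codes) only, not authorization objects.

```python
# Constructed sample data: an illustration, not an SAP-delivered ruleset.
RULESET = {"P001": ("MAINTAIN_VENDOR", "PROCESS_PAYMENT")}  # risk -> conflicting functions
FUNCTIONS = {  # function -> actions (transaction codes) that perform it
    "MAINTAIN_VENDOR": {"FK01", "FK02"},
    "PROCESS_PAYMENT": {"F-53", "F110"},
}
ROLES = {  # role -> actions it contains (hypothetical role names)
    "Z_AP_VENDOR_MAINT": {"FK01", "FK02", "FK03"},
    "Z_AP_PAYMENTS": {"F-53", "F110"},
    "Z_AP_SUPERVISOR": {"FK02", "F110"},
}
USERS = {  # user -> assigned roles
    "ALICE": ["Z_AP_VENDOR_MAINT", "Z_AP_PAYMENTS"],
    "BOB": ["Z_AP_PAYMENTS"],
    "CAROL": ["Z_AP_SUPERVISOR"],
}

def violated_risks(actions):
    """Risk ids whose two conflicting functions are both reachable via `actions`."""
    return {
        risk for risk, (f1, f2) in RULESET.items()
        if actions & FUNCTIONS[f1] and actions & FUNCTIONS[f2]
    }

def role_level_analysis():
    """Role -> risks contained inside that single role."""
    found = {role: sorted(violated_risks(acts)) for role, acts in ROLES.items()}
    return {role: risks for role, risks in found.items() if risks}

def user_level_analysis(user, extra_roles=()):
    """Risk -> (origin, roles involved) for the user's combined assignments.

    extra_roles simulates an assignment before it is provisioned.
    """
    roles = [*USERS[user], *extra_roles]
    combined = set().union(*(ROLES[r] for r in roles))
    findings = {}
    for risk in sorted(violated_risks(combined)):
        inherent = sorted(r for r in roles if risk in violated_risks(ROLES[r]))
        if inherent:
            findings[risk] = ("within-role", inherent)
        else:  # no single role carries the risk; it arises between roles
            f1, f2 = RULESET[risk]
            touched = FUNCTIONS[f1] | FUNCTIONS[f2]
            findings[risk] = ("cross-role", sorted(r for r in roles if ROLES[r] & touched))
    return findings

if __name__ == "__main__":
    print("role level:", role_level_analysis())
    for name in USERS:
        print(name, user_level_analysis(name))
    print("BOB simulated:", user_level_analysis("BOB", ["Z_AP_VENDOR_MAINT"]))
```

Role-level analysis flags only Z_AP_SUPERVISOR, while ALICE's conflict appears only at user level because it arises between two roles that are each clean on their own.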