SAP GRC Tutorial
SAP GRC Useful Resources
Selected Reading
- SAP GRC - Creating Business Rules
- Data Sources and Business Rules
- Installation and Configuration
- SAP GRC - Workflow Integration
- Assigning Mitigation Controls
- SAP GRC - Enhanced Risk Analysis
- SAP GRC - Implementing Superuser
- SAP GRC - Superuser Privilege
- SAP GRC - Mitigation Controls
- SAP GRC - Risk Remediation
- SAP GRC - Risk Management
- SAP GRC - SoD Risk Management
- Process Control Work Centers
- SAP GRC - Audit Universe
- SAP GRC - Integration with IAM
- Integration with Access Control
- Access Control Launchpad
- SAP GRC - Authorization
- Access & Authorization Mngmt
- Access Management Work Center
- SAP GRC - Access Control
- SAP GRC - Navigation
- SAP GRC - Overview
- SAP GRC - Home
SAP GRC Useful Resources
Selected Reading
- Who is Who
- Computer Glossary
- HR Interview Questions
- Effective Resume Writing
- Questions and Answers
- UPSC IAS Exams Notes
SAP GRC - Risk Remediation
SAP GRC - Risk Remediation
In SAP GRC 10.0 Risk Management, risk remediation phase determines the method to epminate risks in roles. The purpose of the remediation phase is to determine alternatives for epminating issues under risk management.
The following approaches are recommended to resolve issues in roles −
Single Roles
You can start with single roles as it is easy and simplest way to start.
You can check for any Segregation of Duties SoD violations from being reintroduced.
Composite roles
You can perform various analysis to check the user assignment on the assignment or removal of user actions.
You can use Management view or Risk Analysis reports for analysis as mentioned in previous topic.
In Risk Remediation, Security Administrators should document the plan and Business Process Owners should be involved and approve the plan.
SAP GRC — Report Type
You can generate different Risk Analysis reports as per the required analysis −
Action Level − You can use it to perform SoD analysis at action level.
Permission Level − This can be used to perform SoD analysis at action and permission levels.
Critical Actions − This can be used to analyze the users who have access to one of the critical functions.
Critical Permissions − This can be used to analyze users having access to one critical function.
Critical Roles/Profiles − This can be used to analyze the users who has access to critical roles or profiles.