- SAP GRC - Creating Business Rules
- Data Sources and Business Rules
- Installation and Configuration
- SAP GRC - Workflow Integration
- Assigning Mitigation Controls
- SAP GRC - Enhanced Risk Analysis
- SAP GRC - Implementing Superuser
- SAP GRC - Superuser Privilege
- SAP GRC - Mitigation Controls
- SAP GRC - Risk Remediation
- SAP GRC - Risk Management
- SAP GRC - SoD Risk Management
- Process Control Work Centers
- SAP GRC - Audit Universe
- SAP GRC - Integration with IAM
- Integration with Access Control
- Access Control Launchpad
- SAP GRC - Authorization
- Access & Authorization Mngmt
- Access Management Work Center
- SAP GRC - Access Control
- SAP GRC - Navigation
- SAP GRC - Overview
- SAP GRC - Home
SAP GRC Useful Resources
Selected Reading
- Who is Who
- Computer Glossary
- HR Interview Questions
- Effective Resume Writing
- Questions and Answers
- UPSC IAS Exams Notes
SAP GRC - Enhanced Risk Analysis
You can implement enhanced risk analysis using organization rules. In shared service business units, you can use organization rules to achieve procedures for risk analysis and management of user groups.
Consider a case where a user has created a fictitious vendor and invoices have been generated to gain financial benefit.
You can create an organization rule with company code enabled to epminate this scenario.
Following steps should be performed to prevent this situation −
Enable organization level fields in functions
Create org rules
Update org user mapping table
Configure risk analysis web service
Enable organization level fields in functions
Follow these steps to enable organization level fields in functions −
Find out functions to be segregated by organization level in shared service environment.
Maintain permissions for affected transactions.
Create organization rules
Follow these steps to create organization rules −
Step 1 − Create organization rules for every possible value of organization field.
Step 2 − Go to rule architect → Organization level → Create
Step 3 − Enter the organization rule ID field.
Step 4 − Enter the related task.
Step 5 − Define organization level field and combine them with Boolean operators.
Step 6 − Cpck Save button to save the Organization rule.
Benefits of Using Organization Rules
Let us now understand th benefits of using organization rules.
You can use organizational rules for companies to implement following features −
You can use organization rules to implement shared services. They segregate duties with the help of organizational restrictions.
Go to Risk Analysis → Org Level
Perform a risk analysis of analysis type Org Rule against a user
You will receive the following output −
The risk analysis will only show a risk if the user has access to the same specific company code in each of the confpcting functions.