Quantcast
Channel: SCN : Popular Discussions - Governance, Risk and Compliance (SAP GRC)
Viewing all 1383 articles
Browse latest View live

security grc interview questions

May 19, 2011, 10:43 am
$
0
0

1. What are the components of GRC?

2. What are the upgrades happened in GRC 5.3 from GRC 5.2?

3. Is it possible to have a request type by which we can change the validity period of a user? If possible, then what are the actions?

4. What's the latest Support Pack for GRC 5.3? How it differs from the previous one?

5. What are the issues faced by you in ERM & CUP after golive?

6. Can we change Single roles, objects & Profile description through mass maintenance of role? If yes, how?

7. What are the prerequisites for creating a workflow for user provisioning?

8. How will you control GRC system if you have multiple rulesets activated?

9. Can we view the changes of a role, happened in PFCG, through GRC?

10. How will you mitigate a user against an authorization object which is decided as sensitive by Business?

11. Give an example of SOD with object level control & also decide the Risk implication from the Technical standpoint.

12. Is it possible to assign two roles with different validity period to a user in one shot through GRC? If yes, how?

13. What's the use of Detour path? How Fork path differs from Detour path?

14. How can you enable self password reset facility in GRC?

15. Can we have customized actions for creating request types in CUP?

16. Which SOX rules got inherited in SAP GRC?

17. How many types of Background job you are familiar with? Why Role/Profile & User Sync. job is required?

18. Where from can we change the default expiration time for mitigating controls? What's the default value for the same?

19. How will you do the mass import of role in GRC?

20. Explain the total configuration & utility of SPM?

21. Can we create Logical systems in GRC? If yes, how & what can be the advantages & disadvantages of the same?

22. Can we have different set of number ranges activated for request generation?

23. Explain, how can we create derived roles in ERM? What will be the significant changes in methodology for creating composite roles?

Search

SAP GRC FI Standard SOD Matrix..

July 22, 2012, 6:22 pm
$
0
0

Hi Gurus,

 

Can you one guide me to find a Standard FI SOD Conflitcs matrix...

 

JC

GRC 10 : EAM Logs are showing 'No Records'

May 3, 2012, 5:48 am
$
0
0

Hello  Experts,

 

I am working on GRC 10 EAM configuration at SP07.

 

The EAM Firefighting scenario is working on ie.Firefighter can login to backend R3 system and performed

 

FF activities but when i update the FF Logs GRC system doesnt show any logs in the system.

 

The logs are present in R3 system in STAD, CDPOS, SM20 etc.

 

The TIme Zones are same in both GRC and R3 system.

 

But Except Table GRACFFLOG.

 

NO other Log related table is getting updated after running log update Sync job successfully.

 

Please let me know if anybody has faced this issue or any advise on what is need to be checked.

 

Any help is much appreciated.

 

Regards,

Yatin Phad

Multiuser User provisioning error

October 29, 2014, 8:47 am
$
0
0

Hi All

 

We are using GRC AC 10.1 SP7 - when trying to provision multiple users, the email with password is sent  to all with only password of first user in the list. Other users are not getting their passwords. Notifications for single user requests are working fine. Please suggest.

 

Thanks

Ahmed

Dashboard-drilldown is empty for only one connector

October 30, 2014, 11:31 pm
$
0
0

Hello Gurus,



I am getting below issue only for one connector. On all other connectors I am getting perfect output.


I am executing user analysis in Access Dashboard. I am getting the correct graph but when I am trying to drill it down by clicking on graph, I am not getting any data.


Wondering if someone has faced similar issue.



Regards,


Gaurav

CUP Risk Analysis Failed / Read timed out

August 28, 2014, 9:15 am
$
0
0

Hello there,

 

 

 

when I run the risk analysis via CUP  for some requests is failed and read Timed Out

 

 

I have applied the SAP Note 1564243 SAP Note 1121978 and But that still does not work,

 

 

Can you help me ? and do you Have you any suggestions?

 

 

Thank you in advance

GRC AC-Password self service

March 14, 2013, 4:52 am
$
0
0

Hi experts,

 

Looking for solution on how to implement PSS in GRC AC10 with the following option:

 

Steps are

 

1. User wants to reset his/her password.

2. Goes to NWBC Link

3. Put the user id

4. Clicks on < Forgot Password >

5. Security question is asked

6. User gets a mail in his/her mail box with a link to reset the password

 

Regards,

Sudha M

GRC 10.1 new functionalities

June 12, 2013, 11:18 pm
$
0
0

Hello,

Anyone saw a presentation of GRC 10.1? What about new functionalities? (in particular in AC)

It looks likes the ramp up will be available for customers from tomorrow...

Julien

Search

MSMP - workflow in GRC AC10.0 (SP13)

November 4, 2014, 1:53 pm
$
0
0

Dear Experts:

 

 

One question: Access Request Creation: As per current MSMP settings we have; escalation after 4 days for the role owners. Our roles have no alternate approvers - so, I am sending the escalation requests to the same role owners again. (GRAC_MSMP_ROLEOWNER_AGENT) - If I use GRAC_AR_ROLE_ALT_APPR agent - it takes escape route. (Message: Approver not found; Applied Escape route)

 

 

Issue: NOW, if a request is created for 3 roles and 2 of them has approved before escalation and one is still pending, - after escalation, the request goes to all 3 of them again - instead of PENDING approver only. So, all the role owners have to approve the same request again - which is double work for them.

 

 

What agent should I use in MSMP? Any idea? OR - what should I be doing to send the escalations to the remaining approvers only??

 

 

Please advise.

 

Regards

Ashish


We are on GRC 10.1 SP6 and user level risk analysis not working

November 6, 2014, 7:15 pm
$
0
0

Hi,

We are on GRC 10.1 SP6 just upgrade from GRC 10.0 SP6 and User level risk analysis not working but Role/Profile risk analysis working fine.

when I ran user level risk analysis it says " no data found " and role/profile risk analysis gives sod risks (critical,high,medium and low).

I regenerated SOD Rules and ran synch jobs ->auth synch,repository object synch and ran batch risk analysis but same issue...and checked all configuration settings are ok.

Prerequisites for GRCPINW add-on

April 4, 2012, 7:50 am
$
0
0

Just reading through OSS note 1497971 to check pre-requisites for the GRC AC add-on for my R/3 4.7 system. I noticed it lists these minimum support pack levels:

 

SAP_BASIS
SAPKB62063
SAP_ABA
SAPKA62063

 

 

 

 

 

Mine are, er, just a little below that (well, OK, quite a lot below that). Does anyone know if these are just recommended support pack levels, or are they actually required? Has anyone installed the addons on a system with a lower support pack? How low? Did it work?

 

Are there specific things needed that could be added independently of whole support packs?

 

We are going to be upgrading R/3 to ERP 6 later this year, but I wanted to get the GRC 5.3 -> 10.0 upgrade done first. Given the pending R/3 upgrade there's no point in going through the process up applying support packs to get them up to date, so if there's no way around this I'll just have to postpone the GRC upgrade.

 

Thanks,

Steve.

What is the t-code for firefighter logon?

April 3, 2009, 2:45 pm
$
0
0

Sorry for the triviel question. Thanks!

workflow problems

October 29, 2014, 3:15 am
$
0
0

Hello colleagues!

I've got a problem during the tests of my workflow for SAP_GRAC_ACCESS_REQUEST process id.

I has the following stages (and agents) for path ZCOMMON_CREATE

with "Modify Task Settings" button I set needed Agent IDs. BTW what's the difference to set them with "Modify" button or "Modify Task Settings"?

 

I start my scenario and get the following error:

In the workflow log I see

"Failed to determine agent", but how?

On the stage GRAC_MANAGER starts standard FM that take a user from Manager field.

Could someone help me please?

Configuration for Workflow has been done according to the post-installation guide. With the same settings it works fine in another client of the system, but with different stages.

Or what can be wrong with TS76308025?


Regards,

Artem Ivashkin

GRC AC-Password self service

March 14, 2013, 4:52 am
$
0
0

Hi experts,

 

Looking for solution on how to implement PSS in GRC AC10 with the following option:

 

Steps are

 

1. User wants to reset his/her password.

2. Goes to NWBC Link

3. Put the user id

4. Clicks on < Forgot Password >

5. Security question is asked

6. User gets a mail in his/her mail box with a link to reset the password

 

Regards,

Sudha M

Update GRC Rule Set in DEV, QUA & PRD systems

November 3, 2014, 3:37 am
$
0
0

Hi All,

 

I need to make some amendments in Rule Sets for a few custom transaction codes.

 

I want to understand what is the best practice to do such updates, while keeping the systems in landscape in sync.

 

I am using GRC AC 10.0, three system landscape. Where GRC DEV is linked to ECC DEV, GRC QUA to ECC QUA and GRC PRD to ECC PRD.

 

Regards,

Piyush.

Search

SAP GRC FI Standard SOD Matrix..

July 22, 2012, 6:22 pm
$
0
0

Hi Gurus,

 

Can you one guide me to find a Standard FI SOD Conflitcs matrix...

 

JC

GRC 10.1 new functionalities

June 12, 2013, 11:18 pm
$
0
0

Hello,

Anyone saw a presentation of GRC 10.1? What about new functionalities? (in particular in AC)

It looks likes the ramp up will be available for customers from tomorrow...

Julien

Notification should be sent to Security team after request approved/Rejected.

November 8, 2014, 2:45 am
$
0
0

Hi All,

 

Currently we have 3 stages Manager;Role Owner & Security.

 

Now we want to remove security stage and notification should be sent to security team after approval /rejection.

 

For this I had gone to role owner stage and then notifications Settings and selected notification event as approved and template ID GRAC_AR_APPROVED and then in recepient ID how can i make security team option will be available there.

 

Please suggest on this.Thanks.

No email is triggered on New /change request

November 9, 2014, 6:34 pm
$
0
0

I am not getting mail, for New/Change requests. However, Mail is received for FF logins, UAR and SOD reviews. WF-BATCH has an email id set up. Notification settings are set , as shown below:

 

N.jpg

 

There is no stage level Notification maintained

 

Regards

Plaban

GRC AC 10.0 - MSMP Workflow is not sending email for Firefighter provisioning

April 11, 2012, 3:28 pm
$
0
0

Hi Gurus,

 

I have installed GRC - AC 10.0 and I want to configure EAM to allow automatically provisioning of Firefighter with following steps:

1. -In Access Management,  AC Owners, FF ids, Controlles, Reason Codes are setup in advance

2. - I can create a manual  Access Request for a Firefighter assignment and is functional without any issue

3. - Common workflow has been activated

4. - Email server has been configured and checked that can send emails

5. - In IMG  -> GRC -> Access Control -> Workflow for Access Control -> Maintain MSMP Workflow  I have activated SAP Process Id-s :

 

SAP_GRAC_ACCESS_REQUEST

 

using the default settings .

6. At Pct #5 Maintain Paths- Stage Definition- I have checked boxes - Approve by Email & Approve and I have Activated it.

Then, I create a access request again and no email is send it out to Owner.

In MSMP, in Pct #5, I have all for Process Id SAP_GRAC_ACCESS_REQUEST , I have left all 3 paths:

GRAC_MANAGER

GRAC_ROLEOWNER

GRAC_SECURITY

 

7. I have tried to activate other processes id-s:

SAP_GRAC_FIREFIGHTER_LOG_REPORT 

SAP_GRAC_ROLE_APPR

 

however with the same result.

 

All my SPM Owners and FF-ids have email adress, how should I maintain their email in MSMP, as the documentation is confusing for me.

 

8. Then, at Point #3 - Maintain Agents - I have created a Z Rule where I have mapped directly the Account ID-s and I have assigned it in Pct 5 (Maintain Paths) and activated- without any result.

 

Thank You,

 

Marc

Viewing all 1383 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>