Skip to Content
Author's profile photo Joshu Madina
Joshu Madina
November 15, 2013 3 minute read

GRC AC Role Analytics Powered by HANA

With this application, you can use the data that you have replicated from your SAP GRC system to SAP HANA, and monitor, analyze, and, in some cases, act on role-centric reports. SAP Role Analytics is an example of how you can create analytical reports and add functionality that allows you to take action on the analytical data.

The application has these reports:

·         Unused Roles

You can take action to de-provision unused roles.

·         Actively Used Roles

·         Orphaned Roles

You can access the application using an HTML5 supported web browser .The application counts the actively used, unused, and orphaned roles on the GRC system, combines it with the business process information, and displays this data in pie chart format. The default date range for the count is the current year. You can adjust the data by changing the date range, or by selecting filters for role type, landscape, criticality level, and sensitivity.

The default report is Unused Roles. You can choose to display the information in different formats: pie chart, bar chart, table. You can drill down by choosing any of the selectable elements in the charts and tables.

1)   ORPHANED ROLES

HR_1.png

From the available options, select “Orphaned Roles.”

RA2.png

From the Sensitivity filter, when selecting “Confidential,” “Restricted,” and “Classified, the filter shows the selected 3 of the possible 10 choices under Sensitivity. Then automatically result gests refreshed graphically based on the selection criteria (pie chart).

RA3.png

From the result set, we can switch the pie chart to bar chart.

RA4.png

RA5.png

By double-clicking on the specific bar say the business process Quality Management roles bar in the graph, it will drill down the list of roles.

RA6.png

RA7.png

          2) UNUSED ROLES

RA8.png

Double click on the “Basis” section of the chart, bringing up a table of the roles and user counts involved./wp-content/uploads/2013/11/ra9_324599.png

/wp-content/uploads/2013/11/ra10_324600.png

The filters can be applied to check the roles for the specific land scape say SAP R/3

/wp-content/uploads/2013/11/ra11_324601.png

/wp-content/uploads/2013/11/ra12_324605.png

/wp-content/uploads/2013/11/ra13_324606.png

From the list, we can go through each of the roles in the SAP R3 systems that aren’t being used. Even more convenient, we can select to de-provision the role from the affected users. The de-provisioning request is sent directly to the backend Access Control system and the appropriate workflow is used with just one click!

We can continue to use the SAP Access Control Role Analytics application to quickly and easily resolve the remaining unused role issue and addresses Internal Audit’s concerns.

Assigned Tags

      Be the first to leave a comment
      You must be Logged on to comment or reply to a post.