Hello GRC Mates,
Please find some of the New Enhancements in GRC AC 10.1 SP18 and SP19
Access Control Is integrated with Success Factors
With GRC AC 10.1 SP19, Customers can start using Access Control to manage access requests, analyze SoD and critical access risks, manage business roles, and provision users for SuccessFactors.
This enhancement includes: Addition of the Connector Type: SFEC Success Factor Employee Central
For more details on this enhancement, Refer SAP Note Number: 2538932
Enhanced Risk Analysis for S4HANA Fiori Apps
With GRC AC 10.1 SP19, AC Risk Analysis is integrated with Fiori Apps on S/4 HANA On-Premise Systems.
This is an advance development for which upgrade to GRC AC 10.1 SP19 is mandatory.
For more details on this enhancement, Refer to the following SAP Note Numbers: 2539742, 2483611, 2481822, 2515567
Ruleset for S/4 HANA Risk Analysis
With GRC 10.1 SP19, Rulesets are delivered for S/4 HANA and HANA Database via BC Sets.
Some of the BC Sets that needs to be activated in SCPR20 Transaction are as follows:
For more details on this enhancement, Refer SAP Note Number: 2574731
Enhancement in SAP GRC SOD standard rules library for HANA Plugin
A new BC Set is introduced “GRAC_RA_RULESET_SAP_HANA” with SP20 support pack of GRC 10.1 release. New Connector Group “SAP_HANA_LG ” is also introduced with this BC Set. After activating this new BC Set, new Connector Group “SAP_HANA_LG ” will be part of the existing standard connector group list.
Note: It STRONGLY Recommended not to activate these BC Sets delivered in SP19. Upgrade to SP20 (once it is available) and then activate the BC Sets based upon your requirements.
For more details on this enhancement, Refer SAP Note Number: 2524840
Mitigation Controls not loaded back properly in Access Request
After Running Risk Analysis and applying the Mitigation Controls, the recently saved ones are not loading back properly. To Resolve the issue, Refer to SAP Note Number: 2477750
Mass Maintenance of Risk Owners and Mitigation Control Owners
With GRC AC 10.1 SP18, editing multiple Risk Owners and Mitigation Control Owners at one time is possible now. This can be performed by editing them directly or uploading an XML file.
For more details on this enhancement, Refer SAP Note Number: 2491450
Addressing Ineffective Mitigation Control Across AC and PC
With GRC AC 10.1 SP18, when an assessment in Process Control finds a control as ineffective, a mechanism is provided to delete the respective controls from Access Control also.
For more details on this enhancement, Refer SAP Note Numbers: 2445331, 2486955
Additions to this blog is most welcome.
Rakesh Ram M