Skip to Content

Hello GRC Mates,

Please find some of the New Enhancements in GRC AC 10.1 SP18 and SP19

 

Access Control Is integrated with Success Factors

With GRC AC 10.1 SP19, Customers can start using Access Control to manage access requests, analyze SoD and critical access risks, manage business roles, and provision users for SuccessFactors.

This enhancement includes: Addition of the Connector TypeSFEC Success Factor Employee Central

For more details on this enhancement, Refer SAP Note Number: 2538932

 

Enhanced Risk Analysis for S4HANA Fiori Apps 

With GRC AC 10.1 SP19, AC Risk Analysis is integrated with Fiori Apps on S/4 HANA On-Premise Systems.

This is an advance development for which upgrade to GRC AC 10.1 SP19 is mandatory.

For more details on this enhancement, Refer to the following SAP Note Numbers: 2539742, 2483611, 2481822, 2515567

 

Ruleset for S/4 HANA Risk Analysis

With GRC 10.1 SP19, Rulesets are delivered for S/4 HANA and HANA Database via BC Sets.

 

Some of the BC Sets that needs to be activated in SCPR20 Transaction are as follows:

GRAC_RA_RULESET_S4HANA_ALL
GRAC_RA_RULESET_S4HANA_CORE
GRAC_RA_RULESET_SAP_HANA
GRAC_RA_RULESET_COMMON

For more details on this enhancement, Refer SAP Note Number: 2574731

 

Enhancement in SAP GRC SOD standard rules library for HANA Plugin

A new BC Set is introduced “GRAC_RA_RULESET_SAP_HANA” with SP20 support pack of GRC 10.1 release. New Connector Group “SAP_HANA_LG ” is also introduced with this BC Set. After activating this new BC Set, new Connector Group “SAP_HANA_LG ” will be part of the existing standard connector group list.

Note: It STRONGLY Recommended not to activate these BC Sets delivered in SP19. Upgrade to SP20 (once it is available) and then activate the BC Sets based upon your requirements.

 

For more details on this enhancement, Refer SAP Note Number: 2524840

 

Mitigation Controls not loaded back properly in Access Request

After Running Risk Analysis and applying the Mitigation Controls, the recently saved ones are not loading back properly.  To Resolve the issue, Refer to SAP Note Number: 2477750

 

Mass Maintenance of Risk Owners and Mitigation Control Owners

With GRC AC 10.1 SP18, editing multiple Risk Owners and Mitigation Control Owners at one time is possible now.  This can be performed by editing them directly or uploading an XML file.

For more details on this enhancement, Refer SAP Note Number: 2491450

 

Addressing Ineffective Mitigation Control Across AC and PC

With GRC AC 10.1 SP18, when an assessment in Process Control finds a control as ineffective, a mechanism is provided to delete the respective controls from Access Control also.

 

For more details on this enhancement, Refer SAP Note Numbers: 2445331, 2486955

 

Additions to this blog is most welcome.

 

Regards,

Rakesh Ram M

To report this post you need to login first.

4 Comments

You must be Logged on to comment or reply to a post.

  1. Vanita Partharathy

    Hi Rakesh,

    Thank you for the useful document.

    We are on GRC10.1 SP20, even after all the mentioned BC sets are activated, we are not able to see rule set being updated for HANA. Any pointers? Are we missing something?

    (0) 
  2. Vanita Partharathy

    Hi Ramesh,

    Thanks for the Note, i have seen this already and have activated the relevant BC sets, but still rule sets are not showing HANA risks.

    We have not connected any HANA/FIORI systems, we are trying to analyse the standard HANA/FIORI rule set by downloading them from our test machine. Does this impact? BC set activation should independently be updating the rule sets right?

    Regards,
    Vanita.

    (0) 

Leave a Reply