SAP Access Control 12.0 – SAP Fiori Dashboard OVP
With the end of support for Adobe Flash Plug-in, accessing the GRC Access control Dashboards was a big challenge for all the customers.
One of the solution (besides using the dashboards on the new IGS technology i.e. the Adobe has been replaced by IGS-refer to SAP Note 3007640), is using the newly added OVP for SAP Fiori Access Control (currently for ARA reports) i.e. “ GRC Access Control Dashboard OVP” which was added in GRCFND_A 12.0 SP 11.
Below you can see all the SAP Fiori OVP available in SAP Access Control.
The GRC Access Control dashboard OVP has been developed in CDS view(the CDS view UI annotations are how we define what is shown in the card) and consist of multiple cards at one place that can be used to show data in many forms such as tables and charts.
The GRC Access Control Dashboard Overview pages are a part of GRCFND_A 12.0 SP11 for GRC backend system and UIGRAC01 SP06 for front-end system.
Hence, you need to upgrade the components as below in order to access the GRC Dashboard OVP.
NOTE: In case, after the upgrade to UIGRAC01 SP06, you face any issue with the OVP i.e. if the OVP cards are not showing the data or the Navigation within the cards not working, then you can refer to the below notes and make sure that the correction instruction are implemented in the system.
There are total 5 adobe flash reports that have been developed in CDS view for the GRC Access control dashboard OVP which are:
Access Rule Library
Mitigation Control Library
HOW TO CONFIGURE AND ACCESS:
- You need to activate and maintain the O-data service “GRAC_AC_DASHBOARD_OVP_SRV” via Transaction “/IWFND/MAINT_SERVICE” in GRC system.
- You need to add the backend PFCG role “SAP_GRAC_BCR_CMPLNCMGR_T” in order to access the GRC Access Control Dashboard OVP. (In UIGRAC01 SP07 this OVP will be available with Security Manager Role – SAP_GRAC_BCR_SCRTYMGR_T).
- The Fiori Catalog ID associated with this OVP “SAP_GRC_BC_CMPLNCMGR_T”.
- To Access this OVP, execute Transaction: /n/ui2/flp and go to path ->Compliance Owner:-> GRAC AC Dashboard.
- Prerequisites for the GRC Dashboard OVP are same as that for the NWBC dashboards i.e. to execute the Repository Object Sync and Batch risk analysis job.
- Once you open the Dashboard OVP Application in SAP Fiori Launchpad, there are two Input criteria i.e. Target Connector and Year/Month, which acts a common filter criterion for all the cards.
REPORT TO CARD MAPPING:
Below is the list of cards that are available in the GRC Access Control Dashboard OVP.
1. RISK VIOLATION
3. ROLE ANALYSIS
4. MITIGATION CONTROL LIBRARY
NOTE: For more information on report to card mapping, please refer to the PPT attached in SAP Note 3004415.
SAP GRC FIORI LAUNCHPAD CONFIGURATION DESIGNER(FRONT-END) STEPS:
In case you want to create a custom SAP GRC Fiori catalog ID then you can use the manual activity given in the attachment in the below SAP Note to add the Semantic Object and Action to read the O-data service.
3004501 – GRAC AC 12.0 OVP Dashboard Fiori Launchpad Configuration Settings
List of Important Notes:
- 3004501 – GRAC AC 12.0 OVP Dashboard Fiori Launchpad Configuration Settings.
- 3004415 – GRC AC12.0 Dashboard Overview Page with CDS Annotations.
- 2947941 – Information related to GRC Dashboards and Adobe Flash
- 2991499 – UIGRAC01 GRC AC Dashboard OVP Reports.
- 2942434 – UIGRAC01 user analysis OVP dashboard navigation .
For more information on SAP Fiori for GRC Access Control, you can check my Blog Post SAP Fiori Solution for SAP Access Control.
I’ll keep updating and adding new features and developments as and when they come in future.
Happy reading !! 🙂
Feedbacks, questions and comments are most welcome!!