About GRCwithRaghu

GRCwithRaghu

FFID's were a commonly used by many users in a system. Users can request for FFID and upon approval by the owner. In many cases, FFIDs are mis-used and owners without validating the actual requirement may approve the request. To avoid this risk, SAP ...

GRCwithRaghu · 02-04-2024

It's a debate worth delving into at any time! Should organizations adhere to the default security configurations within an application, or should they design their own to enhance security?In today's digital world, keeping sensitive business informati...

Password less authentication in SAP · 01-15-2024

You might be logging into SAP by entering User name and password. I was doing so from the last 20+ years. However, some of the client systems have Single Sign-on enabled which will login without entering a password and access SAP systems with a conce...

SAP User Access Reviews: Best practices · 01-13-2024

Let’s understand with a use case: A global enterprise that uses SAP for its operations employed an executive who sensitive customer and financial information as part of his job. He was later promoted to a different position and was given new authori...

GRCwithRaghu · 12-22-2023

In a recent study, our team delved into the practices of over 50 customers (with 20 responses depicted in the chart) and uncovered a startling reality: a significant number of organizations overlook the importance of securing custom transaction codes...

Re: Password less authentication in SAP · 02-16-2024

Hi @dyaryura Thanks! It's just a beginning and SAP is bringing on more capabilities with solutions such as SAP SSO 3.0. Let's wait to see what additional capabilities are added.Rgds,Raghu Boddu

GRCwithRaghu · 11-26-2023

Hi Hisham,The Candidate Business Roles will be assigned to the users in the last stage, i.e., Reconcile stage of Business Role after activation.The Reconcile step will show the # of new assignments that it is making and creates the provisioning reque...

GRCwithRaghu · 11-23-2023

Dear Udaykiran, Regarding your first query, indeed, ETD (Enterprise Threat Detection) has the capability to monitor logs from both Network and Database systems. However, it's important to note that SAP ETD cannot serve as a replacement for SIEM/SOAR...

GRCwithRaghu · 09-25-2023

Hi Mercedes,We also have the same issue in one of the client's environment. Can you confirm the solution.Regards,Raghu

GRCwithRaghu · 12-18-2022

Hi Reece,Can you provide more information on which fields you wish to validate? The logic depends on the fields and I can recommend a solution.Regards,Raghu Boddu

User Statistics

User Activity

Parameter 4026: Transforming Your Approach to EAM Application in SAP GRC Access Control

Security by Default vs Security by Design

Password less authentication in SAP

SAP User Access Reviews: Best practices

Identifying Risks Associated with Custom Transaction Codes in SAP! Best Practices!

Re: Password less authentication in SAP

Re: Assignment of Candidate Business Role to users in IAG

Re: Safeguarding SAP Landscapes: Unleashing the Power of SAP Enterprise Threat Detection (ETD) – An Introduction

Re: Indicator in Event Log type in SAP ETD

Re: Need enhancement when saving GRC access request to be able to read Excel attachment