This book provides cross-enterprise configuration instructions and best practices for SAP GRC Access Control implementations in companies with multi-system architectures. The author provides the implementation strategies, configuration steps, and best practices necessary to implement and manage a global access control, risk remediation, and compliance framework across a multi-system landscape, including non-SAP and legacy systems. Readers discover how to use Offline Risk Analysis, Real Time Analysis, and Management Update Report to manage risk analysis across the enterprise and quickly come to understand how to build and manage a rule matrix for a multi-system enterprise using the Real Time Agent (RTA), as well as the functional use of the Rule Architect. Plus, learn how to configure AC for use with the most common non-SAP systems such as Oracle, PeopleSoft, JDEdwards, and others. You'll find out how best to determine the setup of cross-enterprise mitigation controls and alternative controls to mitigate risk as well as how to educate management about conflicts approval and monitoring.
Finally, the author shows you how you can develop and execute a plan for Continuous Compliance using best practices for simulation, monitoring, and control.
Raj Behera is the Manager of the Regional Implementation Group (Americas) for GRC at SAP. He is directly involved in helping SAP customers throughout the Americas implement the GRC AC solution. He has presented on this subject at GRC2008 in Orlando and ASUG/SAPPHIRE.