What is the rule set in GRC?
Collection of rules is nothing but rule set. There is a default rule set in GRC called Global Rule Set.
What is the landscape of GRC?
GRC Landscape is 2 system landscape,
SAP GRC DEV
SAP GRC PRD
in GRC there is no Quality system.
What is offline risk analysis?
Offline Mode Risk Analysis process is performed with the help of Risk Identification and Remediation module in SAP GRC Access Control Suite. Offline mode Analysis helpos in identifying SOD Violations in an ERP System remotely. The data from system is exported to flat files and then it can be imported into the CC instance with the help of data extractor utility.
It can also be used to remotely analyze an ERP system which may be present in a different ERP Landscape.
What are the different types of Risk?
The different types of Risks are
- Operational Risk
- Strategic Risk
- Compliance Risk
- Financial Risk
Are you Looking for SAP GRC Training? Please Enroll for Demo SAP GRC..! |
What is SAP GRC Audit management?
This is used to improve the audit management process in an organization by documenting artifacts, organizing work papers, and creating audit reports. You can easily integrate with other governance, risk and compliance solution and enables organizations to align audit management policies with business goals.
What is SAP GRC Fraud Management?
SAP GRC Fraud management tool helps organizations to detect and prevent frauds at early stage and hence reducing minimizing the business loss. Scans can be performed on huge amount of data in real time with more accuracy and fraudent activities can be easily identified.
What are the different phases in GRC Risk Management?
There are various phases in risk management process −
- Risk Recognition
- Rule Building and Validation
- Analysis
- Remediation
- Mitigation
- Continuous Compliance
What is the main difference between single role and a derived role?
Main difference–we can add/delete the tcodes for the single roles but we can’t do it for the derived roles.
Explain derived role?
Derived roles are to restrict the user access based on organizational level values.
Derived role will be inherited by master role and inherit all the properties except org level values.
What does the Profile Generator do?
We can create roles , transport , copy , download, modifications , all these thing done from pfcg
t-code.
What is the use of RSECADMIN?
IN SAP BI
Reporting Users – Analysis Authorization using transaction RSECADMIN, to maintain authorizations for reporting users.
RSECADMIN – To maintain analysis authorization and role assignment to user.
How do we test security systems? What is the use of SU56?
Through Tcode SU56, We will check the user’s buffer
How we Schedule and administering Background jobs?
Scheduling and administrating of background jobs can be done by using tcodes sm36 and sm37
How we Check if the PFCG_TIME_DEPENDENCY is running for user master reconciliations?
Execute SM37 and search for PFCG_TIME_DEPENDENCY
What is rule set? and how to update risk id in rule set?
Also during indirect assignment of roles to user using t codes Po13 and po10, we must to do user comparison, so that the roles get reflected in the SU01 record of user.
What is the difference between PFCG, PFCG_TIME_DEPENDENCY&PFUD?
PFCG is used to create maintain and modify the roles.
PFCG_TIME_DEPENDENCY is a background job of PFUD.
PFUD is used for mass user comparison but the difference is if you set the background job daily basis it will do mass user comparison automatically
What does user compare do?
If you are also using the role to generate authorization profiles, then you should note that the generated profile is not entered in the user master record until the user master records have been compared. You can automate this by scheduling report FCG_TIME_DEPENDENCY on.
Are you Looking for SAP GRC Online Training? Please Enroll for Demo SAP GRC..! |
What profile versions?
Profile versions are nothing but when u modifies a profile parameter through a RZ10 and generates a new profile is created with a different version and it is stored in the database.
What is the use of role templates?
User role templates are predefined activity groups in SAP consisting of transactions, reports and web addresses.
What is the difference between role and a profile?
Role and profile go hand in hand. Profile is bought in by a role. Role is used as a template, where you can add T-codes, reports. Profile is one which gives the user authorization. When you create a role, a profile is automatically created.