Cross-Enterprise Integration with SAP GRC Access Control
The primary purpose of the book is to provide implementation team members, technical teams, audit and security teams, and consultants with a roadmap for implementing and configuring AC RAR in a multi-system environment. The focus of the book is helping the target group configure AC RAR to incorporate a central rule repository that functions across multiple SoD domains.
Controlling the level of access that employees, contractors, partners and systems have to an organization's financial and functional information, processes, and knowledge base is the most important aspect of a risk management strategy, and one of the most difficult to implement properly. Due to the sheer number of "transactions" involving corporate information that take place both inside and outside an organization (many of them automated), myriad complex rules are required to make sure that access to that information is segregated appropriately.
Individually segregated rules need to be defined, for example, for a business analyst opening a reporting spreadsheet, a customer service representative accessing customer data, a receiving clerk accessing trade forms, and an EDI transaction interfacing with an external bank. This so-called Segregation of Duties (SoD) strategy must then be monitored 24/7 to ensure compliance with regulations such as SOX. Much of the success of an organization's risk management and compliance strategy hinges directly on the strength of its access control process.
SAP offers customers the Access Control Risk Analysis and Remediation component as part of the GRC application. It is considered the state-of-the-art access control solution in the industry and the crown jewel of SAP's acquisition of Virsa. Formerly known as Compliance Calibrator, AC RAR provides companies with a platform for managing their entire access control strategy, including the ability to create a central rule repository for both SAP ERP and non-SAP legacy infrastructure.
Table of Contents

Section | Title | Page
---|---|---
1 | Introduction | 9
1.1 | What is Access Control | 9
1.2 | Architecture of Access Control | 13
1.3 | Necessity of SOX | 15
1.4 | Overview of Cross-Enterprise for Access Control | 18
1.5 | Summary | 19
2 | SAP GRC Access Control Rule Architect | 21
2.1 | Overview of the Rule Architect | 21
2.2 | Building Cross-Enterprise Rules | 43
2.3 | Summary | 45
3 | Managing Access Risk | 47
3.1 | Central Rule Library: The Global Rule Set | 47
3.2 | Rule Migration in the System Landscape and During the RAR Upgrade Process | 48
3.3 | Import/Export Utility | 50
3.4 | Summary | 55
4 | Cross-Enterprise Matrix for SAP GRC AC | 57
4.1 | Available Real Time Agent (RTA) for SAP | 57
4.2 | RTA for Non-SAP ERP Applications | 58
4.3 | Summary | 64
5 | Configuration and Operation of the Data Extractor | 65
5.1 | System Connector | 67
5.2 | Configure Extraction Process | 67
5.3 | Production | 80
5.4 | Summary | 80
6 | Risk Analysis for Cross-Enterprise Systems | 81
6.1 | Scheduling Background Jobs | 81
6.2 | Management Report Updates | 85
6.3 | Real Time Risk Analysis | 86
6.4 | Cross-Enterprise Execution in the AC Application | 87
6.5 | Offline Risk Analysis | 92
6.6 | Summary | 93
7 | Mitigation and Alerts | 95
7.1 | Mitigation Controls | 95
7.2 | Mitigated Users/Roles/Profiles/HR Objects | 96
7.3 | Alert Generation | 101
7.4 | Alert Dashboard | 103
7.5 | Alert Clearing and Archiving | 104
7.6 | Summary | 105
8 | Continuous Compliance | 107
8.1 | Best Practices for Continuous Compliance | 107
8.2 | Simulation | 109
8.3 | Monitoring and Control | 112
8.4 | Summary |
A | Rule Library File Templates | 115
A.1 | Business Process Template | 115
A.2 | Function Template | 115
A.3 | Function-Business Process Relationship Template | 116
A.4 | Function-Action Relationship Template | 116
A.5 | Function-Permission Relationship Template | 116
A.6 | Rule Set Template | 117
A.7 | Risk Definition Template | 117
A.8 | Risk Description Template | 118
A.9 | Risk to Rule Set Relationship Template | 119
B | Legacy System Templates | 121
B.1 | User File Template | 121
B.2 | User Action File Template | 122
B.3 | User Permission File Template | 122
B.4 | Role File Template | 124
B.5 | Role Action File Template | 124
B.6 | Role Permission File Template | 125
B.7 | Profile File Template | 126
B.8 | Profile Action File Template | 126
B.9 | Profile Permission File Template | 127
B.10 | Action File Template | 127
B.11 | Permission File Template | 128
B.12 | Field File Template | 129
B.13 | Value File Template | 130
C | Information Sources | 133
C.1 | Installation and Upgrades | 133
C.2 | SAP Help Portal for Access Control | 134
D | The Author | 135
- Author: Raj Behera
- 2009, 138 pages, with illustrations, dimensions: 18.7 x 1.9 cm, hardcover, English
- Publisher: Rheinwerk Verlag
- ISBN-10: 159229250X
- ISBN-13: 9781592292509
- Publication date: 28.04.2009