
Homepage for SAP Professionals

SAP Community website with all sorts of interesting information related to SAP

Category: SAP GRC

SAP Job Market

The SAP job market is currently in a state of flux, just like the rest of the IT job market. Where there used to be 10 jobs there are now 4 or maybe 5. Post recession, the reasons are obvious: lack of budgets, postponement of new implementations, a general market slump, etc.

However, all is not lost yet. There are still jobs, and more are going to come up as the economy slowly takes root again and the boom times come along.


We have been contacted by a number of our clients that had the following problem.

When executing the “Risk Analysis” reports in the “Informer” tab, users randomly receive the following error message: “Cannot assign a blank-padded string to host variable 1.”

To solve this problem, go to the Rule Architect tab in Compliance Calibrator. Search for function PR04 and modify it: click on the Permissions tab and open the permissions for transaction ME45. For authorization object M_EINK_FRG, field FRGCO should be enabled and its value set to *; if the value is blank, enter *. Field FRGGR for this authorization object should be disabled. Once this change is made, save the function and then regenerate all rules for this function.


Keep it Simple: A simple workflow implementation for SAP GRC User Provisioning

Sample scenario: The company has four organizational divisions. Each division has a Manager and an SAP Security Coordinator. The SAP Security Coordinator approves the SAP system and roles, and the Manager approves the organizational location of the user. There are also a Role Owner and a Training Coordinator. The Role Owner approves sensitive roles, and the Training Coordinator verifies and approves the training.

Workflow Steps

Step 1: Manager approves the user and SAP system access

Step 2:  The SAP Security Coordinator selects the roles and approves

Step 3:  Role owner approves the sensitive roles if there are any

Step 4: Training coordinator verifies the training

Step 5: User is provisioned in the system

Process: The user registers with an organizational location, and that organizational location is the initiator of the workflow. The stages of the workflow are Manager - SAP Coordinator - Role Owner - Training Coordinator, and the path follows the stages in that order. Define a custom approver determinator based on the organizational location in each stage; this routes the approvals to the appropriate organizational manager.

Assumption: one composite role per user, and the role is either mitigated or free of any SOD conflicts.
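The approval path above, modelled as an added example (not part of the original post and not GRC configuration): the location-based dictionaries stand in for the custom approver determinator, the Role Owner stage is only inserted when the requested role is sensitive, and a request is provisioned only after every designated approver has approved it. All names and role ids are constructed.

```python
from dataclasses import dataclass, field

# Constructed approver master data (hypothetical users and roles). The two
# location-keyed dictionaries play the part of the custom approver determinator.
MANAGER_BY_LOCATION = {"DIV-EAST": "mgr.east", "DIV-WEST": "mgr.west"}
SECURITY_COORD_BY_LOCATION = {"DIV-EAST": "sec.east", "DIV-WEST": "sec.west"}
ROLE_OWNER_BY_ROLE = {"Z_FI_PAYMENTS_APPROVE": "owner.fi"}
SENSITIVE_ROLES = {"Z_FI_PAYMENTS_APPROVE"}
TRAINING_COORDINATOR = "training.coord"


@dataclass
class Request:
    user: str
    location: str          # organizational location = initiator of the workflow
    role: str              # one composite role per user (the post's assumption)
    approvals: list = field(default_factory=list)   # (stage, approver, approved)
    provisioned: bool = False


def stages(req):
    """Build the path Manager - SAP Coordinator - [Role Owner] - Training Coordinator."""
    path = [("manager", MANAGER_BY_LOCATION[req.location]),
            ("sap_coordinator", SECURITY_COORD_BY_LOCATION[req.location])]
    if req.role in SENSITIVE_ROLES:        # Role Owner stage only for sensitive roles
        path.append(("role_owner", ROLE_OWNER_BY_ROLE[req.role]))
    path.append(("training", TRAINING_COORDINATOR))
    return path


def run(req, decisions):
    """decisions maps approver -> True/False. Only the approver designated for a
    stage can approve it; a decision by anyone else is ignored. The user is
    provisioned only when every stage has been approved in order."""
    for stage, approver in stages(req):
        approved = decisions.get(approver, False)
        req.approvals.append((stage, approver, approved))
        if not approved:
            return req                     # denied or still pending: stop, no access
    req.provisioned = True
    return req


if __name__ == "__main__":
    r = run(Request("jdoe", "DIV-EAST", "Z_FI_PAYMENTS_APPROVE"),
            {"mgr.east": True, "sec.east": True, "owner.fi": True, "training.coord": True})
    print(r.provisioned, r.approvals)
```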

OneAccess-UserManager also helps you manage the complex documenting, testing, process control, and sign-off requirements mandated by Sarbanes-Oxley sections 302, 404, and 409.

Selva Kumar

Vice President- SAP Practice

OneAccess-UserManager for SAP

SAP Certified-Powered by Netweaver

http://www.softsquare.biz/oneaccess/

selva@softsquare.biz

Phone: 1 877 717 5487

Automate and Meditate


This tool automates the user provisioning process and also checks for any risks associated with the user when SAP access is added or removed. The tool can be used to identify and mitigate SOD risks when the user is approved. Are there any general guidelines on how long it should take to implement? From my experience it should not take more than 3 months to implement a GRC-compliant user provisioning system for a client.

The implementation time also depends on the following:

  1. Number of users in the system and user authentication integration with external systems
  2. Number of different systems and clients (live, Dev, QAS, Sandbox, Staging, Training, Production, etc.); if you also have BI, SRM, CRM, Portal, PLM, etc., that adds to the complexity
  3. Process flow also extends the timeline: if the company wants multiple stages and escape routes in the approval process, this requires multiple workflows and is harder to configure
  4. Training confirmation integration with an external system
  5. Whether the current user approval process can be quickly replicated in SAP GRC
  6. Sound design of the roles and a good role naming convention
  7. Whether the approval hierarchy is predefined or can be directly uploaded into SAP GRC


There are three types of users in SAP GRC Access Enforcer:

• Requestor

Requestors are the typical end users who want access to an SAP system. A requestor creates a provisioning request asking that a specific user be assigned one or more SAP roles. The request triggers a workflow, a process that asks the designated approvers to approve the role assignment.

• Approver

Approvers are functional or technical users in the company who understand the SAP roles and their contents and can either approve or deny provisioning requests. Virsa Access Enforcer interacts with approvers via email. At each stage of a workflow, one user is designated as the approver for that stage, and that user receives an approval email generated by Virsa Access Enforcer. The approver can either approve or deny the request.

• Administrator: Administrators are responsible for creating, deploying, configuring and managing workflows. These workflows are designed to follow the organizational path for assigning roles to a user. The administrator is responsible for designing the approval process so that all the required approvals are captured.

All of the above users must be assigned access in the GRC system, and that access determines who has the authority to act in which capacity. Only users with requestor access can create new requests, and only administrators can create and deploy workflows.


SAP systems contain custom transactions that companies create to mask standard SAP transactions or to provide new ones. These custom transactions are missing from the Segregation of Duties (SOD) matrix, because the matrix has to be updated manually for them. When the SOD analysis runs, it will not see the custom transaction and will not flag it as a risk, even though it belongs in the SOD matrix; it is simply not part of the SAP-delivered matrix. For example, suppose you copy transaction XK02 to create transaction ZXK02 in order to mask some of the fields on the screen. ZXK02 has the same functionality as the standard update-vendor-master transaction, but it is hidden behind a custom transaction code. The same effect can be achieved with transaction variants or custom screens; in each case the transaction performs the same function. The SOD analysis will miss it because the custom transaction is not in the SOD matrix. The best way to handle this is to find the standard transaction (or a transaction with similar functionality) that it corresponds to and add the custom transaction to that function group. In addition, update SU24 with the relevant authorization objects and field values for the custom transaction.


Business Process: the high-level process area under which risk analysis is reported. Examples of business processes are Finance, Sales and Distribution, Production Planning, Human Resources, etc.

Function: a grouping of one or more related actions. Examples of functional groupings are Maintain Vendor Master and Maintain Material Master; the vendor master function holds all transactions relevant to the vendor master, and the material master function holds those relevant to the material master.

Risk: a material or physical loss, fraud, disruption or production loss that could occur because an individual is able to take advantage of the situation. Risks arise from conflicting functions. An example risk is “Maintain Fictitious G/L Account and Hide Activity via Postings”.

Action: an activity performed in the system in order to accomplish a specific function. Examples of actions are Create Vendor Master, Create Customer Master, Approve Payments, etc.

Permissions: the authorizations that allow a user to perform a particular activity in the system. Example: Mass Update Material Master.

System: the system in which the analysis is performed, for example SAP ECC, SAP SRM or SAP CRM.
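A small SOD analysis built from the terms just defined (functions grouping actions, a risk naming two conflicting functions under a business process), and run against the custom-transaction blind spot from the earlier post: the user holding ZXK02 and FB60 is clean until ZXK02 is registered under the function that holds XK02. This is an added example, not the page's or SAP's own rule set; the function and risk ids are constructed, and SU24 maintenance is not modelled.

```python
# Constructed rule set for illustration (not the SAP-delivered SOD matrix).
# A function groups actions (transaction codes); a risk names two conflicting
# functions and the business process under which it is reported.
FUNCTIONS = {
    "F_VENDOR_MASTER_MAINTAIN": {"XK01", "XK02", "FK01", "FK02"},
    "F_VENDOR_INVOICE_PROCESS": {"FB60", "MIRO"},
}
RISKS = {
    "R_VENDOR_MASTER_INVOICE": {
        "process": "Procure to Pay",
        "functions": ("F_VENDOR_MASTER_MAINTAIN", "F_VENDOR_INVOICE_PROCESS"),
        "description": "Maintain a fictitious vendor and post invoices to it",
    },
}


def enabled_functions(user_tcodes, functions=FUNCTIONS):
    """A function is enabled when any of its actions is among the user's transactions."""
    return {f for f, actions in functions.items() if actions & set(user_tcodes)}


def analyze(user_tcodes, functions=FUNCTIONS, risks=RISKS):
    """Risk ids whose conflicting functions are all enabled for the user."""
    enabled = enabled_functions(user_tcodes, functions)
    return sorted(rid for rid, r in risks.items() if set(r["functions"]) <= enabled)


def unmapped_custom_tcodes(user_tcodes, functions=FUNCTIONS):
    """Custom (Z*/Y*) transactions that no function knows about: the analysis is blind to them."""
    known = set().union(*functions.values())
    return sorted(t for t in user_tcodes if t[:1] in ("Z", "Y") and t not in known)


def register_custom_tcode(custom, copied_from, functions=FUNCTIONS):
    """Add a custom transaction to every function holding the standard one it copies.
    Returns the functions that were updated. (SU24 must be maintained separately.)"""
    targets = [f for f, actions in functions.items() if copied_from in actions]
    if not targets:
        raise ValueError(f"{copied_from} is not an action of any function")
    for f in targets:
        functions[f].add(custom)
    return targets


if __name__ == "__main__":
    user = {"ZXK02", "FB60"}                        # constructed user access
    print("before:", analyze(user), "blind spots:", unmapped_custom_tcodes(user))
    register_custom_tcode("ZXK02", "XK02")
    print("after: ", analyze(user), "blind spots:", unmapped_custom_tcodes(user))
```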


Legal Notice

Copyright Notice

Original author(s) retain their own copyright(s). Original content is Copyrighted © by Home4SAP.com. Any original home4sap.com content may be freely redistributed or posted in part or in full with full attribution to the original post, through a direct link to the original post.

Pursuant to Title 17 U.S.C. 107, other copyrighted work is provided for educational purposes, research, critical comment, or debate without profit or payment. If you wish to use copyrighted material from this site for your own purposes beyond the 'fair use' exception, you must obtain permission from the copyright owner.

Legal Disclaimer

This site is not affiliated with, endorsed by, nor operated in conjunction with SAP, any of its affiliates, subsidiaries, partners or those who have a direct relationship with the company. For more information from SAP, please visit the company site at: http://www.sap.com/

Please note, all articles, submissions, or other information that does not come directly from SAP is opinion and suggestion. In practice, actual results, or particular tasks and steps may vary depending on your unique situation or circumstances.

The author reserves the right to correct, update, alter, modify, or remove any articles or other content on the site as circumstances may warrant. No warranty or guarantee of any kind, express or implied, is offered for any information contained within this site. You must carefully consider any actions you take within the context of the specific situation and circumstances of the environment you are applying them.