2. What is GRC?
• SAP Governance, Risk, and Compliance solutions help companies comply
with Sarbanes-Oxley and other regulatory mandates by enabling
organizations to rapidly identify and remove access and authorization risk
from IT systems, and embed preventive controls into business processes
to stop future Segregation of Duties (SoD) violations from occurring.
3. Why GRC?
• We need audit teams to know user access and authorization controls.
• Request for emergency access (with all admin rights) is unexpected, cant
be monitored and controlled.
• Detection of violations (improper authorizations) for users is difficult.
Whether user authorizations are fallows standard rules.
4. SAP GRC Components
• SAP GRC Access Control
• SAP Global Trade Services
• SAP Process Control
• SAP Risk Management
• NOTA FISCAELECTRONICA
5.
6. • SAP GRC Access Control
With a built-in list of critical transactions and a matrix of segregation of duties
conflicts, SAP GRC Access Control lets you check if user or role maintenance
introduces risks to your business. It also lets you record the steps you take to
mitigate those risks.
• SAP GRC Access Control consists of the following
modules:
• ARA (Access Risk Analysis):
• EAM (Emergency Access Management):
• ARM (Access Request Management):
• BRM (Business Role Management):