SAP GRC
RULE SETS & CUSTOMISATION
RapidGRC know that each customer is unique, and we want to keep it that way.
The SAP Standard Rule Set delivered with SAP GRC is an outstanding baseline to work with, but what if you need more?
During our Custom “Transaction Alignment Workshops”, RapidGRC will review your custom transaction codes with key business resources and process owners. Sessions will be business led and facilitated by our GRC experts, who provide context and guidance to steer the team towards its ultimate goal: a fully customised rule set tailored to your business needs and key risk areas.
*Depending on complexity, sessions can last from 1-2 hours up to 1 day per functional area (or multiple smaller sessions if this fits your needs).
Identify Custom Transactions
Functional / Process Alignment
GRC Rule Set Alignment
Custom Rule Set Implementation
Key Areas Of Focus:
- Identification of Custom Transactions (Z codes)
- Functional / Business Process Custom Transaction Alignment
- High Level Risk Identification (Business Led) C/H/M/L
- Obsolete Risk Removal / Deactivation
- GRC Risk Approach (Critical / High = Mitigate vs. Medium / Low = Mitigate or Allow)
We also offer “SAP Industry Specific” rule set flavours to further enhance your compliance monitoring. Ask us today about our customised rule sets.
This USER has two roles
Role: ZS:ECC_FIN_ACCOUNT_CLERK, ZS:ECC_PUR_ADMIN_CLERK
Action/TX: MM01, MIGO, ME59, ME21N, FCHR, FCKR, F-02, FB01, SCC4, SM49
Action/TX: F-02, MM01, ME21N, SCC4
There are two types of risk reported here by GRC: Segregation of Duties (SoD) and Critical Action Risk.
An “SoD” is reported if any combination of actions from two or more conflicting functions is identified.
For example:
▪ SoD Risk 1: MM01 & ME21N
A “Critical Action” is any action/TX considered critical in its own right
▪ Critical Risk A: SCC4
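
The two checks described above, as an added sketch that is not RapidGRC's or SAP GRC's own code. The function names, the grouping of transactions into functions, and the split of the user's four actions across the two roles are assumptions made for illustration; only the two risks come from the page.

```python
from itertools import product

# Constructed rule set. Function names and groupings are hypothetical; only
# "SoD Risk 1: MM01 & ME21N" and "Critical Risk A: SCC4" come from the page.
FUNCTIONS = {
    "MAINTAIN_MATERIAL": {"MM01"},
    "PURCHASE_ORDER": {"ME21N", "ME59"},
}
SOD_RISKS = {"SoD Risk 1": ("MAINTAIN_MATERIAL", "PURCHASE_ORDER")}
CRITICAL_ACTIONS = {"Critical Risk A": {"SCC4"}}

# Assumed split of the user's four actions across the two roles.
ROLES = {
    "ZS:ECC_FIN_ACCOUNT_CLERK": {"F-02", "MM01"},
    "ZS:ECC_PUR_ADMIN_CLERK": {"ME21N", "SCC4"},
}


def held_actions(role_names):
    """Map every action the user can run to the roles that grant it."""
    held = {}
    for role in role_names:
        for action in ROLES[role]:
            held.setdefault(action, set()).add(role)
    return held


def analyse(role_names):
    """Return (kind, risk, actions, granting_roles) findings for one user."""
    held = held_actions(role_names)
    findings = []
    for risk, funcs in SOD_RISKS.items():
        # Actions the user holds within each conflicting function.
        per_func = [sorted(FUNCTIONS[f] & set(held)) for f in funcs]
        # product() yields nothing unless every function contributes an action.
        for combo in product(*per_func):
            roles = sorted(set().union(*(held[a] for a in combo)))
            findings.append(("SoD", risk, combo, roles))
    for risk, actions in CRITICAL_ACTIONS.items():
        for action in sorted(actions & set(held)):
            findings.append(("Critical", risk, (action,), sorted(held[action])))
    return findings


if __name__ == "__main__":
    for finding in analyse(list(ROLES)):
        print(finding)
```

Under the assumed split, neither role alone triggers SoD Risk 1; it appears only when both roles are assigned to the same user, and the finding names the roles to review.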