SAP GRC

RULE SETS & CUSTOMISATION

RapidGRC know that each customer is unique, and we want to keep it that way. 

The SAP Standard Rule Set delivered with SAP GRC is an outstanding baseline to work with, but what if you need more?

 

During our custom “Transaction Alignment Workshops”, RapidGRC will review your custom transaction codes with key business resources and process owners. Sessions are business led and facilitated by our GRC experts, who provide context and guidance to steer the team towards its ultimate goal: a fully customised rule set tailored to your business needs and key risk areas.

*Depending on complexity, sessions can last from 1-2 hours up to 1 day per functional area (or multiple smaller sessions if this fits your needs).

Workshop stages: Identify Custom Transactions, Functional / Process Alignment, GRC Rule Set Alignment, Custom Rule Set Implementation

Key Areas Of Focus:

  • Identification of Custom Transactions (Z codes)

  • Functional / Business Process Custom Transaction Alignment

  • High Level Risk Identification (Business Led) C/H/M/L

  • Obsolete Risk Removal / Deactivation

  • GRC Risk Approach (Critical / High = Mitigate vs. Medium / Low = Mitigate or Allow)

 

We also offer “SAP Industry Specific” rule set flavours to further enhance your compliance monitoring. Ask us today about our customised rule sets.

[Figure: this user has two roles, ZS:ECC_FIN_ACCOUNT_CLERK and ZS:ECC_PUR_ADMIN_CLERK. Actions/TX shown: MM01, MIGO, ME59, ME21N, FCHR, FCKR, F-02, FB01, SCC4, SM49; F-02, MM01, ME21N and SCC4 are listed again separately.]

There are two types of risk reported here by GRC: Segregation of Duties (SoD) and Critical Action risk.

An “SoD” is reported if any combination of actions from two or more conflicting functions is identified.

For example:
▪ SoD Risk 1: MM01 & ME21N

A “Critical Action” is any action/TX considered critical in its own right.

▪ Critical Risk A: SCC4
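The two risk types described above, evaluated for a user holding both roles. This is an added example, not RapidGRC's or SAP's code. The role names, transaction codes and risk labels come from the page; the assignment of transactions to roles and the function names are assumptions.

```python
# Role names and transaction codes come from the page. Which role holds which
# transaction, and the function names, are assumptions made for this example.
ROLES = {
    "ZS:ECC_FIN_ACCOUNT_CLERK": {"F-02", "FB01", "FCHR", "FCKR", "SCC4", "SM49"},
    "ZS:ECC_PUR_ADMIN_CLERK": {"MM01", "MIGO", "ME59", "ME21N"},
}
# Hypothetical rule set: a function groups actions; an SoD risk names the
# functions that conflict; a critical action risk lists single actions.
FUNCTIONS = {"MAINTAIN_MATERIAL": {"MM01"}, "CREATE_PURCHASE_ORDER": {"ME21N"}}
SOD_RISKS = {"SoD Risk 1": ("MAINTAIN_MATERIAL", "CREATE_PURCHASE_ORDER")}
CRITICAL_RISKS = {"Critical Risk A": {"SCC4"}}


def analyse(role_names, roles=ROLES):
    """Return the risks a user holds through the given roles."""
    # Map each action to the roles that grant it, so findings can be traced.
    granted = {}
    for name in role_names:
        for tx in roles[name]:
            granted.setdefault(tx, set()).add(name)
    held = set(granted)

    findings = []
    for risk_id, function_names in SOD_RISKS.items():
        # Actions the user holds in each of the conflicting functions.
        hits = [FUNCTIONS[f] & held for f in function_names]
        if all(hits):  # at least one action from every function
            findings.append(_finding(risk_id, "SoD", set().union(*hits), granted))
    for risk_id, actions in CRITICAL_RISKS.items():
        hit = actions & held
        if hit:  # a single action is enough
            findings.append(_finding(risk_id, "Critical Action", hit, granted))
    return findings


def _finding(risk_id, kind, actions, granted):
    # Record the roles that contribute the offending actions.
    via = set().union(*(granted[a] for a in actions))
    return {"risk": risk_id, "type": kind,
            "actions": sorted(actions), "roles": sorted(via)}


if __name__ == "__main__":
    for f in analyse(list(ROLES)):
        print(f)
```

The `roles` field shows whether a conflict sits inside one role or only arises from the combination of roles assigned to the user.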