Scribd Logo
Upload

Welcome to Scribd!

  • 66 views

    Risk Analysis by Thinksky Academy Hyderabad

    Uploaded by

    Suresh Gundala
    1. The document discusses how to do risk analysis and mitigate users in SAP GRC 5.3. It involves creating business processes, functions, and risk rules in GRC and then generating risks. 2. It also describes creating a mitigation administrator and business unit to enable mitigating risks. Mitigation controls are created for specific risks. 3. Users can then be mitigated against risks by assigning them mitigation controls, which will remove those risks from future analysis runs. This allows risks to be resolved by controlling user access.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Risk Analysis by Thinksky Academy Hyderabad

    Uploaded by

    Suresh Gundala
    66 views11 pages
    1. The document discusses how to do risk analysis and mitigate users in SAP GRC 5.3. It involves creating business processes, functions, and risk rules in GRC and then generating risks. 2. It also describes creating a mitigation administrator and business unit to enable mitigating risks. Mitigation controls are created for specific risks. 3. Users can then be mitigated against risks by assigning them mitigation controls, which will remove those risks from future analysis runs. This allows risks to be resolved by controlling user access.

    Original Description:

    SAP GRC 5.3 RAR

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1. The document discusses how to do risk analysis and mitigate users in SAP GRC 5.3. It involves creating business processes, functions, and risk rules in GRC and then generating risks. 2. It also describes creating a mitigation administrator and business unit to enable mitigating risks. Mitigation controls are created for specific risks. 3. Users can then be mitigated against risks by assigning them mitigation controls, which will remove those risks from future analysis runs. This allows risks to be resolved by controlling user access.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    66 views11 pages

    Risk Analysis by Thinksky Academy Hyderabad

    Uploaded by

    Suresh Gundala
    1. The document discusses how to do risk analysis and mitigate users in SAP GRC 5.3. It involves creating business processes, functions, and risk rules in GRC and then generating risks. 2. It also describes creating a mitigation administrator and business unit to enable mitigating risks. Mitigation controls are created for specific risks. 3. Users can then be mitigated against risks by assigning them mitigation controls, which will remove those risks from future analysis runs. This allows risks to be resolved by controlling user access.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 11

    How to do risk analysis and mitigate user in SAP GRC 5.

    3
    We need to create a Business Process ZTSA

    We need to create Functions namely Function 1 as ZTSAFUN1 along with actions XK 1 and XK ! and sa"e#

    We need to create Functions namely Function ! as ZTSAFUN! along with actions FK 1 and FK ! and sa"e#

    $reate a %is& '( )or the action ty*e along with t he )unctions which we created earlier and sa"e

    Now it will *rom*t us to generate ris&s clic& on generate# 't will gi"e the a"aila+le ris&s li&e a)ter running the ,o+ in either )oreground or +ac& ground# 'n order to see the ris&s goto %ule architecht- rules

    action rules

    search +y +usiness *rocess# Then you will get the rules list#

    .itigation $reate an administrator /oto mitigation administrator create as a**ro"er

    $reate an administrator

    /oto mitigation

    administrator create as monitor

    $reate a Business unit /oto mitigation +usiness unit TSBU create along with add a**ro"er

    And then add monitor in the same screen and sa"e#

    $reate a mitigation control )or ris& id ZT%' /oto mitigation mitigation control create

    Select the ris& id a)ter )iling all the a+o"e the columns And then select the monitor and re*orts along with )re0uency#

    Su+mit#

    Now create a user and role with the a+o"e T-codes and assign it to user in the +ac&end system# When we run ris& analysis in /%$ %A% it must gi"e us the ris&s in"ol"ed in it#

    Now with the ris& descri*tion we will mitigate the user along with the mitigation control which we created earlier in %A%# $lic& on ris& in)ormation then it will ta&e you to ris& resolution screen as +elow#

    Now we can mitigate the ris& so clic& on mitigate ris& it will gi"e a *o* u* li&e +elow

    Now with the created mitigation control in %A% )or that *articular Business *rocess we will mitigate the ris& with all the credentials li&e mitigation control and monitor control and all with control "alid )rom and "alid u*to dates li&e

    A)ter su+mitting1 we will get in)ormation as mitigated user is created success)ully#

    Now i) u run ris& analysis then it must not *o*ulate ris&s )or this *articular user li&e

    'n the same way we can mitigate users )or any +usiness *rocess +y creating the monitor and mitigation controls# Thin&s&y Academy#

    You might also like