http://scn.sap.

com/community/grc/blog/2014/02/23/mitigating-control-lifecycle
How Could i know my MItigation controls are active?Default is 365 day.is there a
ny report shows validity of MItigation control
Confirm Risk terminator has been configured from Sahid.
How to make sure Approver always runs risk analysis at Permission level before a
pproving the access request
How you are handling the trabsactions that conflicts with them selves
Change History for Rule set
In Support Pack 13, a new correction has been done to support change history of
Ruleset, Functions, Access Risk. Also SLG1 records gets updated as to which user
has executed SOD Upload Rules program with system name and timestamp.
EAM
if there is a report in GRC 10 that we could provide our auditor to show that lo
gs have been reviewed and approved through the FF log review workflow
you can use Access Administration > Search Request > Process ID Fire Fighter Log
Review Workflow
HAs SLA for FF log has been implemented
Check SAP SOD Matrix for SAP GRC
http://www.turnkeyconsulting.com/blog-archive/_/2012/08/ --> COMPLIANCE OF THE C
OMPLIANCE TOOL (GRC)
There is no reason why GRC should not be used to report on itself by installing
the plug-in into the GRC system. From a GRC functionality perspective,
this will then allow GRC authorisations to be included, reported on and assessed
as part of integrated access management processes.
How Could i know my MItigation controls are active?Deafult is 365 day.is there a
ny report shows validity of MItigation control
http://scn.sap.com/community/grc/blog/2014/02/23/mitigating-control-lifecycle