Scribd Logo
Upload

Welcome to Scribd!

  • GRC Reports

    Uploaded by

    ken auva
    12 views3 pages
    This document provides a quick reference guide for 12 GRC reports in MIT's system. It lists each report's name and use, what information it contains, and how to access it. The reports provide insights into risk violations, user behavior, access rules, role assignments, transaction usage, and mitigating controls to help understand and manage risk exposure.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides a quick reference guide for 12 GRC reports in MIT's system. It lists each report's name and use, what information it contains, and how to access it. The reports provide insights into risk violations, user behavior, access rules, role assignments, transaction usage, and mitigating controls to help understand and manage risk exposure.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    12 views3 pages

    GRC Reports

    Uploaded by

    ken auva
    This document provides a quick reference guide for 12 GRC reports in MIT's system. It lists each report's name and use, what information it contains, and how to access it. The reports provide insights into risk violations, user behavior, access rules, role assignments, transaction usage, and mitigating controls to help understand and manage risk exposure.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 3

    GRC Reports – Quick Reference Guide

    Report Use Information How do I get to it?


    01 Risk Violations This report can be used to gain Risk count by risk level and Navigate to the ‘Reports and Click on the ‘Risk Violations’
    insight into MIT’s overall process. Analytics’ tab. report located in the ‘Access
    exposure to risk. The report Dashboards’ section.
    provides an overview of risk
    violations across all MIT ECC
    systems.
    02 User Analysis This report can be used to gain Risk count by risk type and Navigate to the ‘Reports and Click on the ‘User Analysis’
    insight into MIT’s overall user. Analytics’ tab. report located in the ‘Access
    exposure to risk. The report Dashboards’ section.
    provides an overview of user
    violations across all MIT ECC
    systems.
    03 Violations Comparisons This report can be used to gain Violation count and Navigate to the ‘Reports and Click on the ‘Violations
    insight into the progress MIT is comparison over time. Analytics’ tab. Comparisons’ report located in
    making with respect to the ‘Access Dashboards’
    reducing and mitigating risk section.
    exposure. The report provides
    an overview of violations
    remediation/mitigation
    progress.
    04 Access Rule Library This report can be used to Rule count by risk level and Navigate to the ‘Reports and Click on the ‘Access Rule
    understand MIT’s GRC rule set. process. Analytics’ tab. Library’ report located in the
    The report provides an ‘Access Dashboards’ section.
    overview of risk rules in GRC.
    05 SUIM Roles by Role Name This report can be used to Report shows: Execute transaction SUIM (in Click on the ‘Roles’ node and
    understand the mapping  List of transaction ECC) double click on the option for
    between single and composite codes included in the “By Role Name”
    roles. The report displays roles
    which single roles are assigned  Other composite roles Or use Transaction Code
    to a composite role. which have a selected  S_BCE_68001418
    single role
     Users assigned to the
    roles
    GRC Reports – Quick Reference Guide

    Report Use Information How do I get to it?


    06 User to Role Relationship This report can be used to List of all users with access to a Navigate to the ‘Reports and Click on the ‘User to Role
    determine all users assigned to particular role or set of roles. Analytics’ tab. Relationship’ report located in
    a role. the ‘Role Management Reports’
    section.
    07 Role Relationship with User - This report can be used to List of all roles assigned to a Navigate to the ‘Reports and Click on the ‘Role Relationship
    User Group determine what roles are user or users in a user group. Analytics’ tab. with User / User Group’ report
    assigned to a user. located in the ‘Role
    Management Reports’ section.
    08 SUIM Users by User ID This report can be used to Roles and profiles assigned to Execute transaction SUIM (in Click on the “User” node and
    display which roles users have users. ECC) then “Users by Complex
    and compare their access by Selection Criteria”. Then double
    sorting by role. click on the option for “By User
    ID”

    Or use Transaction Code


     S_BCE_68001394
    09 Count Authorizations for Users This report can be used to view Roles and profiles assigned to a Navigate to the ‘Reports and Click on the ‘Count
    the roles and profiles assigned user/users (composite roles are Analytics’ tab. authorization for Users’ report
    to a user. not included; however, single located in the ‘Security Reports’
    roles assigned via composite section.
    roles are) along with the
    number of authorizations in
    each.
    10 Action Usage by User Role and This report can be used to Count and last execution of Navigate to the ‘Reports and Click on the ‘Action Usage by
    Profile determine transaction usage by transaction usage by a user or Analytics’ tab. User, Role and Profile’ report
    a user. set of users during a period or located in the ‘Security Reports’
    on a particular date. section.
    11 Mitigation Control Report This report can be used to find Approvers, monitors and risks Navigate to the ‘Reports and Click on the ‘Mitigation Control
    information on the mitigating mitigated by a mitigating Analytics’ tab. Report’ report located in the
    controls defined in GRC. control as defined in the ‘Access Risk Analysis Reports’
    system. section.
    GRC Reports – Quick Reference Guide

    Report Use Information How do I get to it?


    12 User Level This report can be used analyze SODs, critical actions or Navigate to the ‘Access Click on the ‘User Level’ report
    for risk violations at the user permissions and critical roles or Management’ tab. located in the ‘Access Risk
    level. The report can also be profiles. Analysis’ section.
    used to find the mitigating
    controls assigned to users, as
    well as any invalid mitigating
    control assignments.
    13 User Level Simulation This report can be used carry New risk violations that will Navigate to the ‘Access Click on the ‘User Level
    out simulations at the user result due to changes to user Management’ tab. Simulation’ report located in
    level for the purpose of access. the ‘Access Risk Analysis’
    understanding whether the section.
    addition or removal of certain
    access either creates or
    eliminates SODs and other
    risks.
    14 Role Level This report can be used analyze SODs, critical actions or Navigate to the ‘Access Click on the ‘Role Level’ report
    for risk violations at the role permissions. Management’ tab. located in the ‘Access Risk
    level. Analysis’ section.
    15 Role Level Simulation This report can be used carry New risk violations that will Navigate to the ‘Access Click on the ‘Role Level
    out simulations at the role level result due to changes to roles. Management’ tab. Simulation’ report located in
    for the purpose of the ‘Access Risk Analysis’
    understanding whether the section.
    addition or removal of certain
    access either creates or
    eliminates SODs and other
    risks.
    16 Profile Level This report can be used analyze SODs, critical actions or Navigate to the ‘Access Click on the ‘Profile Level’
    for risk violations at the profile permissions. Management’ tab. report located in the ‘Access
    level. Risk Analysis’ section.
    17 Profile Level Simulation This report can be used carry New risk violations that will Navigate to the ‘Access Click on the ‘Role Level
    out simulations at the profile result due to changes to Management’ tab. Simulation’ report located in
    level for the purpose of profiles. the ‘Access Risk Analysis’
    understanding whether the section.
    addition or removal of certain
    access either creates or
    eliminates SODs and other
    risks.

    You might also like