Scribd Logo
Upload

Welcome to Scribd!

  • SAP GRC AC FAQz

    Uploaded by

    gadesiger
    6 views4 pages

    Original Title

    SAP GRC AC FAQz (2)

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    6 views4 pages

    SAP GRC AC FAQz

    Uploaded by

    gadesiger

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 4

    1) What is Acronym for GRC?

    2) What are the components of GRC 12?


    3) What are the components of GRC Access Control 12?
    4) What Add On s required for the GRC AC 12 configuration?
    5) When was GRC 12 launched?
    6) What is the difference between GRC 10.1 and GRC 12?
    7) What is the latest version of GRC?
    8) What was the earlier name of GRC? (Before SAP acquired)
    9) What is SOD?
    10) What is SOX law?
    11) What is the T-code for BC sets activation?
    12) What is BC Set?
    13) What is the T-code for Services activation?
    14) What is T-code to launch GRC Web Dynpro Page?
    15) What is the t-code for Launch pad Customization?
    16) What is the consequence of not activating necessary BC Sets?
    17)

    Connector Configuration:

    18) Explain connector configuration is detailed steps.


    19) What is the SPRO path for Connector Configuration?
    20) How many Integration Scenarios are there and what are they? What is the importance of each
    Integration Scenario?
    21) What is the purpose of Connector Group?
    22) What is the use of Subsequent Connector?
    23) What do you mean by PSS and where do you enable it?
    24) How many SAP Standard Sync jobs are available? What are they? What is the purpose of each
    SYNC job?
    25) If SYNC jobs fail, what could be the reasons?
    26) Please explain when each SYNC job should run and its frequency?
    27) Is there any difference while running SYNC jobs for ABAP system (ECC, BW, and HR) and JAVA
    System (Enterprise Portal)?
    28) What are different modes in which we can run SYNC jobs? These modes are applicable for which
    SYNC jobs?
    29) What do you mean by Default Connector?
    30) What ACTIONS are available to define as DEFAULT Connector?

    ARA:

    31) What is the purpose of ARA?


    32) What all activities are performed under ARA?
    33) What is RISK?
    34) What is FUNCTION?
    35) What is RULESET?
    36) What is Business Process? Where do you define it?
    37) What is GLOBAL rule set?
    38) Are you using Global rule set or Custom Rule Set?
    39) What is the difference between SOD risk and Critical Action Risk?
    40) What is the difference between Critical Action risk and Critical permission Risk?
    41) What is Simulation?
    42) Difference between Risk simulation and Risk Analysis?
    43) Can a T-code be part of multiple functions?
    44) When do we use the option “RISK FROM SIMULATION ONLY”in Simulation screen?
    45) When do you use “EXCLUDE VAULES” in Simulation screen?
    46) What is the difference between ONLINE and OFFLINE risk analysis?
    47) Types of Risk Analysis?
    48) Which one is preferable – User level or Role level Risk Analysis? Why?
    49) What is the difference between Risk Remediation and Risk Mitigation?
    50) What are steps involved in defining Mitigation Approver and Monitor?
    51) How to mitigate risk?
    52) How many mitigation controls are there in your project?

    EAM:

    53) What is the use of EAM?


    54) What is the difference between ID based and Role based fire fighter concept? What is the
    parameter id that controls this?
    55) What do you mean by Centralized FF concept? What is the parameter id that controls this?
    56) What is difference between Fire Fighter and FF ID?
    57) What is difference between FF ID Controller and FF ID Owner?
    58) What are different notification methods to notify FF ID Controller?
    59) If the FF ID is not visible in the GRC system when searched for it, what could be the issue?
    60) What are the SYNC jobs related to EAM?
    61) When new FF ID Controller has to be created, please explain all steps?
    62) When a new FF ID is has to be created, please explain all steps?
    63) If FF ID session log details are not displayed, what could be the issue?
    64) What are the T-codes to use FF ID?
    65) What are the disadvantages of Centralized FF ID concept?
    66) What are the advantages of Localized FF ID concept?

    BRM:

    67) What is purpose of BRM?


    68) What methodology are you using Default or Custom?
    69) How many steps are defined in Standard Default Methodology?
    70) Is it possible to use different Methodologies for different types of role?
    71) What is Business Role?
    72) Do you define System name for Business role?
    73) Are you using Role Import concept? Explain steps?
    74) What is the role naming convention you are using?
    75) If the role is not visible when searched while filling Access request form, what could be the
    issue?

    ARM:

    76) What is MSMP workflow? How it is different from GRC 5.3 workflow?
    77) How to customize the Access Form in ARM?
    78) What is the use of ARM?
    79) If the access form is not getting submitted, what could be the issue?
    80) What is BRF+? What its use?
    81) Why do we use BRF+ in GRC Access Control?
    82) What is process ID? How many process ids are there and name them?
    83) What are different rule kinds?
    84) What is Initiator rule?
    85) What is Agent Rule?
    86) What is Routing Rule?
    87) What is Notification rule?
    88) Are you using custom or default initiator rule?
    89) How many steps are there in MSMP workflow designing? What are they?
    90) Where do you define Initiator rule?
    91) What are 2 purpose of Agent rule?
    92) What are different Agent rule types?
    93) What are different Rule types?
    94) What is the T-code for Customizing Notifications templates?
    95) In which step of MSMP workflow, DISPLAY/CHANGE and SAVE tabs are available?
    96) How to define request number ranges? What is the Object name?
    97) What are the different conditions for Routing Rule?
    98) Can we transport MSMP workflow configuration?
    99) Can we transport BRF+ rules?
    100) What is the difference between “Auto provisioning at the end of the request “and“Auto
    provisioning at the end of the path“?

    Additional Questions:

    1) Can we Submit 2nd Access Request to the user when his 1st Access request in still pending and
    not closed?
    2) What do you mean by Stale Requests? What’s the program related to STALE requests?
    3) What is the use of GRFN_USER Auth Object?
    4) While submitting Access Request, can we change the “Validity from” date as past date? Will
    system throw error?
    5) What is the Auth Object for HOLD action for Access Requests?
    6) What is Training Verification Routing Rule?
    7) Can GRC Provision into SAP HANA Studio?
    8) What is the importance of symbol “^!” which appears in front of Auth Objects in Function of
    Risk, when downloaded into excel/notepad?
    9) If user already has 312 profiles assigned, Can we submit Access Request for new role
    assignment?
    10) In the above scenario, a) Role B is selected for REMOVE action and Role A is selected for Assign
    Action, b) Role A is selected for REMOVE action and Role B is selected for ASSIGN action?
    11) Can we see User Group in the Risk Analysis Report?
    12) What is the T-code for Launch pad Customization?
    13)

    You might also like