Advice on SAP GRC career

Hello,
My name is Vijay and I am from Denver, CO. I will be graduating with a Master's degree in Information Systems next month from Colorado State University. I have got a job as a ITPA Associate with a big four firm. My job description reads
1. Assisting clients in matters of Data Assurance, ERP Controls, IT Risk and Security Assurance,Data Protection and Privacy, Project Assurance, and Advanced Risk and Compliance Analytics
2. Providing ERP controls services to help audit and non-audit clients address risk and control needs around ERP systems
3. Assessing, recommending, designing and configuring controls as they relate to businessprocesses, ERP application security, and Governance, Risk and Compliance (GRC)".
4.Designing and assessing control related services around major ERP systems; and
5.Translating business requirements to efficient and integrated ERP control frameworks.
I am very new to SAP GRC. Can you please guide me through how to form a career path in SAP GRC?
Thanks,
Vijay

Hi Vijay,
SAP GRC is  good career path however you start your career basically as a sap security junior associate and finally lands up in the jobs like:
SAP Security and Controls Consultant
Senior SAP Security and Controls Consultant
SAP Security and Controls Administrator
SAP Security & GRC Consultant
SAP GRC Manager
SAP Process Controls Experts
SAP Advisory Manager - IT Risk Transformation etc.
Thanks & Regards
Subhasish

Similar Messages

  • Need advice on SAP BW career

    Hi everyone, i just wanted your opinion on some SAP BW career questions,
    1) Do i need to start with SAP FI/CO and then towarsd SAP BW in irder to become a real SAP BW professional or starting directly from SAP BW would be ok?
    2) Do i need to know SQL language?
    3) Do i need to know ABAP language?
    Thanx for you inputs.

    Hi
    1) Do i need to start with SAP FI/CO and then towarsd SAP BW in irder to become a real SAP BW professional or starting directly from SAP BW would be ok?
    Desirable but not required
    2) Do i need to know SQL language?
    Desirable but not required
    3) Do i need to know ABAP language?
    Very helpful but not necessity
    Assign points if useful
    Regards
    N Ganesh

  • CAreer in SAP BASIS comaprision with SAP GRC/Security

    Hi Everyone,
    I am an SAP BASIS consultant with 2 years of experience working in a MNC company,
    I want to change my career to SAP GRC/SAP Security, i have some basic knowledge on SAP Security,
    COuld you please advice me, which one to choose,?
    Does  SAP GRC/Security has demand , and can we get oportunities to work abroad compared to SAP BASIS ?
    which one has more scope SAP BASIS or SAP Security/GRC ?
    Because in BASIS, i am not getting enough scope to work on some good things like Installation, upgrades, Migration,
    i am doing a very basic kind of work like tranports, job scheduling, monitoring, and other small activities ?
    So request you people to advice me ?
    <removed_by_moderator>
    Read the "Rules of Engagement"
    regards
    Rakesh  Rao
    Message was edited by: Juan Reyes

    Hi Rakesh
    I saw your post in GRC and was waiting of it to appear here
    First up - 2 years is still junior. You may find batch jobs, transports, monitoring, etc all mundane but it is a foundation and learning ground work and foundations to being a good Basis Administration. And one things for sure, an awesome basic (I name my best-techy-friend) makes a huge difference on project timelines and deliverables for the rest of us.
    Installation and Upgrades come with time. Whilst still performing junior tasks you could focus on reading up on approaches in case an opportunity in your job comes us and be prepared to prove to your management that you are ready for a bigger responsibility.
    Switching to GRC/Security would be pointless unless you have a desire to learn GRC or Security. These are my background and they are undervalued until things go wrong (insurance policy in a way).
    If you do switch you will reset your 2 years of domain experience back to 0 and you will start off with password resets and basic user administration
    It takes time to work through the ranks. It was 3 years before I got to build my first role. I spent my first few years in security on email chasing approvals, password resets, user account creation, running reports for audit - sounds familiar to what you are doing now?
    You have to master the basics before you are trusted and ready for the more complex activities. By knowing what you are doing now you will be more successful when the time comes to step up and do migrations, upgrades and installations. Support production by mastering you technical analysis skills is how you can break through being a fresher/junior
    Regards
    Colleen
    Ps - if your motivation is more than "good things" happy to answer questions specific to security and GRC.
    Also, boring doesn't mean it can't get interesting nor does it mean it's a worthless activity: SPAU transport imported before patching!!
    Message was edited by: Colleen Lee
    Added link for when transports go bad

  • Role Upload template for SAP GRC CUP 5.3

    Good Morning / Afternoon / Evening SAP Security Gurus,
    I am looking to upload end user roles via a role upload template spreadsheet for use in SAP GRC CUP 5.3.  I am referring specifically to the recommended template mentioned in step 11 of the 5.3 Post Installation CUP guide, so that roles can be picked within ERM for workflow.
    According to the guide, it recommends uploading from the backend systems via a spreadsheet - any template versions or advice on finalising this would be most appreciated.
    Best Regards
    Steve

    Thanks Ashish,
    Someone else recommended this option as well via another forum. Have tried it out and working fine. 
    Thanks for the reply
    Steve

  • SAP GRC 5.3 - Do I need to install all tools initially

    Hi,
    I am looking into installing SAP GRC 5.3. At the moment we only want to use Risk Analysis and Remediation (RAR), Superuser Privilege Manager (SPM) and Risk Terminator. However we may want to implement CUP and ERM at a later stage as part of a seperate project. I am looking for some advice on how we should approach the install. Should we install all components initially or can they be easily installed and configured at a later stage?
    Thanks,
    Gary

    Hi Gary,
    SAP GRC Access Control comes with all four components like RAR,CUP,ERM& SPM.According to your organization's need you may configure the components which you want initially. Later on you may plan to configure other components.
    I am looking for some advice on how we should approach the install. Should we install all components initially or can they be easily installed and configured at a later stage?
    It's recommended by SAP to deploy all four components.
    Regards,
    Mohit

  • Allowed variables in SAP GRC RAR messages

    Hi experts,
    I'm using SAP GRC AC 5.3.
    In RAR, I want to configure message 0269 in cc_messages.txt file in order to change text including the description of the mitigation control.
    Does anybody knows what's is this variable name ? Or even, where can I find a list of allowed variables for insertion in messages ?
    Thanks,
    Roque.

    Roquevalder,
    I understand your question now. I see the message you are talking about:
    VIRSA_CC_MSG     0269     EN     error     The mitigating control was updated by #_!USERID#_! on #_!DATE#_! at #_!TIME#_!. This email serves a notification that you have been #_!STATUSCHANGED#_! as the monitor for : #_!LINESEP#_! #_!LINESEP#_! #_!LINESEP#_! #_!CONTROLIDTEXT#_! #_!CONTROLID#_! #_!LINESEP#_! #_!HROBJTYPELINE#_! #_!LINESEP#_! #_!OBJECTTYPE#_! #_!OBJECTID#_! #_!LINESEP#_! #_!ORGRULELINE#_! #_!LINESEP#_! #_!RISKIDTEXT#_! #_!RISKID#_! #_!LINESEP#_! #_!LINESEP#_! #_!MONTEXT#_! #_!MONITOR#_! #_!LINESEP#_! #_!LINESEP#_! #_!VALIDFROMTEXT#_! #_!VALIDFROM#_! #_!VALIDTOTEXT#_! #_!VALIDTO#_! #_!LINESEP#_! #_!LINESEP#_! #_!STATUSTEXT#_! #_!STATUS#_!
    But at the end of the file you have something like this:
    D     VIRSA_CC_MSGPRMS     0269     EN     CONTROLIDTEXT     CONTROLIDTEXT
    D     VIRSA_CC_MSGPRMS     0269     EN     CONTROLID     CONTROLID
    D     VIRSA_CC_MSGPRMS     0269     EN     HROBJTYPELINE     HROBJTYPELINE
    D     VIRSA_CC_MSGPRMS     0269     EN     ORGRULELINE     ORGRULELINE
    D     VIRSA_CC_MSGPRMS     0269     EN     RISKIDTEXT     RISKIDTEXT
    I guess if you want to add a value in the message you have also to define it at the tail of the file.
    My advice is to open a OSS message to ask for this functionality. You shouldn´t change it manually. Take into account that this file must be uploaded each time you update your GRC java components. So, if you make a custom change, you have to repeat that change every time you update. So I think you should ask SAP for this. They will probably include this field in next patches.
    Regards,
    Diego.

  • SAP GRC NF-e 10.0: Erro na interface NFB2B_procNFe_IB (contendo CDATA)

    Olá a todos.
    Poderiam por gentileza me ajudar com a questão abaixo?
    Estou com o seguinte problema na interface NFB2B_procNFe_IB do SAP GRC NF-e 10.0 (Support Package 15):
    Recebemos uma série de XML's de montadoras de automóveis que contém informações adicionais nas tags <infAdProd> e <infCpl>, como por exemplo:
      <infAdProd>VLR. PIS R$ 6,81 VLR. COFINS R$ 31,44<![CDATA[<ID ITEM=005115/><PED=4500159772/> <UM=PC/>]]></infAdProd>
    Porém ao inserir essa mensagem na interface NFB2B_procNFe_IB, a interface interpreta da seguinte forma:
        <infAdProd>VLR. PIS R$ 6,81 VLR. COFINS R$ 31,44
          <![CDATA[
            <ID ITEM=005115/>
            <PED=4500159772/>
            <UM=PC/>]]>
            </infAdProd>
    Sendo assim, ocorre o erro abaixo:
    <nm:ExchangeFaultDataExt xmlns:nm="http://sap.com/xi/NFE/common" xmlns:prx="urn:sap.com:proxy:NED:/1SAI/TAS8DFA2846CCAA9B6570C6:702">
      <faultText>Erro durante a transformação: Fim de elemento '{http://www.portalfiscal.inf.br/nfe}infAdProd' esperado programa: /1SAI/SAS6F90159886715E7C4560 caminho: nfeProc(1)NFe(1)infNFe(1)det(4)infAdProd(3)ID(1)</faultText>
      </nm:ExchangeFaultDataExt>
    Sei que temos algumas opções como:
    1. Alterar o XML no mapping do PI; (Funcionaria com mensagens processadas através do PI, mas não conseguiria inserir um XML manualmente via SE80)
    2. Alterar o XML no ABAP ao executar a classe /XNFE/CL_006NFB2B_PROC_NFE_IB; (Fazer algum replace nesses caracteres "<" e ">" por "&lt;" "&gt;"
    Mas como fazer isso sem danificar a assinatura do XML que já está assinado e autorizado na SEFAZ?
    Existe alguma nota SAP para corrigir esse problema?
    Agradeço desde já a atenção.
    Rodrigo Costa.

    Felipe,
    também tive o mesmo problema do lado do NTB2B_procNFe_OB. Tentei de várias formas transformar o XML para ficar aderente ao cliente, porém o PI sempre alterava o XML (possivelmente devido ao encoding).
    Vi muitos posts sobre o tema, mas ainda quando era o GRC NF-e 1.0, com a assinatura no Java. Para o GRC 10.0 não funciona, pois quando o xml chega no PI, o mesmo já está assinado, portanto não se pode alterar nada.
    A solução foi para nesses casos específicos enviar o xml através do ECC mesmo.
    Mas para o NFB2B_procNFe_IB ainda sem solução.
    Abs.
    Rodrigo.

  • SAP GRC NFE não processa NFE's com itens que possuam diferentes alíquotas de IPI.

    SAP GRC NFE não processa NFE's com itens que possuam diferentes alíquotas de IPI.
    Alguém sabe se esse problema já foi resolvido ou conhece um contorno para essa situação ?
    Desde a implantação em junho de 2013 não conseguimos processar notas que possuem itens com diferentes aliquotas de IPI.

    Bom dia Fernando (que bom te encontrar aqui também :-)!
    Então, o Denny da SAP Alemanha me retornou dizendo que temos que instalar o XI Content SLL-NFE 10.0 e criar novamente os cenários da NF-e.
    Eu estou entrando em contato com o nosso Basis que fica em Lima para ver se é possível que ele instale este componente, para que eu crie novamente os cenários da NF-e (extensão _900).
    Após a recriação dos cenários, será que eu consigo reenviar as NF-e de teste novamente ou terei que estornar os documentos e fazer os processos novamente?
    Obrigado pela ajuda!
    Att.
    Daniel

  • SAP SP necessária para suportar os componentes para o SAP GRC NFE 1.0 no XI

    oi,
    Como estamos atualizando as nossas caixas de XI de SAP XI SAP PI 3.0 para 7,11, verificando o SLD notamos que Nota Fiscal componente de software está disponível. Assim, a pergunta é o que é que os Service Packs do sistema fonte precisa ter, a fim de fornecer todos os componentes necessários para a NF-e?
    temos dois sistemas de fonte da qual enviamos os dados para XI, você pode sugerir o que é o pacote de serviços adequados para apoiar SAP GRC NFE 1.0 no XI
    1> 6,0 SAP ECC, SP, 14
    EHP 2, Nível 2
    PI_Basis = 2005_1_700, Level 14
    ST = PI 2008_1_700 Nível 2
    2> 6,0 SAP ECC, EHP 4
    Muito obrigado

    Ola, vi o seu e-mail mas resolvi responder por aqui!
    Na realidade, se voce for realmente trabalhar com o GRC, dependendo da secretaria da fazenda que voce ira trabalhar aconselhor que voce aplique o sp15 no grc, consule SAP Note 1487119, nessa nota haverao todos os procedimentos necessarios.
    Como haviamos falado anteriormente por e-mail, seria necessario, caso vc realmente queira trabalhar com o GRC a aplicacao de algumas notas tecnicas no proprio GRC.
    1477834     XML Layout Version 2.00: Missing parameters in NF-e BAdI
    1487119     SAPK-10015INSLLNFE: Support Package 15 for SLL-NFE
    1496216     Rejection of NFe because of wrong data type of date fields
    1499921     Problem with validation after implementing SP15
    1498700     Problem on signing NF-e
    1497767     Fill field qTrib for new layout version 2.0
    1500046     Upgrade validation rule for field ID for version 2.0
    1500742     Adjust validation for field NADICAO and NSEQADIC layout 2.00
    1501545     Problems in trying to see a XML in the IE
    1502612     Select the NFe Status Check Service for Incoming B2B message
    1502217     Extend validation rules for <DI>/<adi>, layout 2.00
    Sem mais, precisando me mais ajuda avise

  • SAP GRC NFE

    Hello,
    eu estou trabalhando no electronica fiscal de Nota. Nós temos seguintes sistemas: --
    SAP R/3 -
    SAP GRC NFE--JAVA (assinaturas digitais)-SAP NETWEAVER PI/XI -
    As AUTORIDADES (PARA A AUTORIZAÇÃO)
    como eu verificam a conexão entre estes sistemas. Como eu sei uma comunicação existe entre
    SAP GRC NFE--JAVA (assinaturas digitais)-SAP NETWEAVER PI/XI -
    A conexão das AUTORIDADES (PARA A AUTORIZAÇÃO)
    foi feita já com sucesso entre SAP R/3 E SAP GRC NFE através do RFC.
    Por favor ajuda.
    Agradecimentos adiantado,
    Honey

    Bom dia Honey,
    Além da comunicação entre os sistemas, você deve customizar as Sefaz-es e também os CNPJs na SPRO do GRC.
    Acompanhe as telas aqui:
    SAP GRC NFE 1.0 - New Solution Introduction & Implemention Best Practices
    Você pode testar o serviço assinador (java) diretamente pelo web service:
    Web Service Navigator
    Leonardo deu uma boa dica para testar o customizing dos serviços e comunicação com o sistema externo (Sefaz).
    Atenciosamente, Fernando Da Ró

  • SAP GRC NF-e 10.0 - Problema durante Upgrade (mensagem /XNFE/APP 011)

    Boa tarde a todos!
    Realizamos o "Upgrade" do SAP GRC NF-e da versão 1.0 para a versão 10.0 (SLL-NFE 900, nível 0008) e estamos convivendo com um problema em uma mensagem XML do PI.
    Na transação SXMB_MONI, monitor de mensagens processadas, ao filtrar por mensagens com SELSTAT = 017 Application Error - Manual Restart Possible, encontramos problemas em mensagens do seguinte tipo:
    Sender: BATCH_BatchProcess_006
    Receiver: CLNT100TND (Mandante 100 do Sistema TND)
    Receiver Interface Namespace: http://sap.com/xi/NFE/006
    Receiver Interface: BATCH_nfeRecepcaoLoteResponse_IB
    Para estes, quando vou até o detalhe da mensagem e seleciono "Call Inbound Proxy" (com status vermelho), em "Payloads", vejo o erro "Não existe ID de lote  000000000000000".
    Pelo que vi na tabela T100, a mensagem se refere ao código /XNFE/APP, número 011.
    Por que será que está acontecendo este erro? Alguém já vivenciou esta situação antes?
    P.S.: Já abri chamado na SAP e eles encaminharam o problema para a SAP Alemanha...
    Obrigado,
    Daniel

    Bom dia Fernando (que bom te encontrar aqui também :-)!
    Então, o Denny da SAP Alemanha me retornou dizendo que temos que instalar o XI Content SLL-NFE 10.0 e criar novamente os cenários da NF-e.
    Eu estou entrando em contato com o nosso Basis que fica em Lima para ver se é possível que ele instale este componente, para que eu crie novamente os cenários da NF-e (extensão _900).
    Após a recriação dos cenários, será que eu consigo reenviar as NF-e de teste novamente ou terei que estornar os documentos e fazer os processos novamente?
    Obrigado pela ajuda!
    Att.
    Daniel

  • List of Issues/ problems in SAP GRC AC 5.3 Implementation

    Hello,
    Can anyone provide me with the list of most commonly occurring problems related to
    1- SAP GRC Suite Installation
    2- RAR Module implementation
    3- CUP Module implementation
    4- ERM Module implementation
    5- SPM Module implementation
    6- SAP PC 2.5 implementation
    7- SAP RT Module implementation
    8- SAP GRC Suite Upgradation.
    Thanks in advance!!!

    Hi Abdul,
    As such there are no issues in implemeting the AC modules.
    Just make sure that you undeploy previously installed SP before deploying the new Support packages.
    1. You have to upload the initial file (xml files) again in CUP and ERM. These files should be corresponding to latest support pack.
    2. upload the CC 53_Messages.txt file in RAR with every upgrade.
    Also restart the server after deploying any following the above steps.
    For RT you can follow the note 1225960, 1060673 and make sure to restart the server after configuring the SAP Adapter.
    Regards,
    shweta

  • Can SAP GRC AC 5.3 connect without any problem with SAP R/3 4.7 Enterprise?

    hello,
    I went to the PAM in the SAP Marketplace to see if SAP GRC AC 5.3 could connect to SAP R/3 4.7 Enterprise but I can't see all the "Add-On Product Version for...", it's cut off.
    Can SAP GRC AC 5.3 connect without any problem with SAP R/3 4.7 Enterprise?
    If I can't is there any proof about it? I have to show it to a client.
    Best Regards,
    Pablo Mortera,

    Pablo,
    GRC AC 5.3 works perfectly fine with SAP's R/3 4.6c, mySAP ERP 4.7 and ECC systems. In fact we have two 4.7 Enterprise systems connected to GRC AC 5.3 system.
    You can get the details of supported SAP ERP systems under prerequisite section of Info page of GRC AC 5.3 , it can be accessed on marketplace at -
    Downloads-->Installations and Upgrades - Entry by Application Group > SAP Solutions for Governance, Risk, and Compliance>SAP GRC Access Control>SAP GRC ACCESS CONTROL>SAP GRC ACCESS CONTROL 5.3
    Just ensure to have proper BASIS and ABAP support pack level as mentioned in prerequisites.
    Regards,
    Amol

  • Nota fiscal send from R/3 to SAP GRC NFE

    Hello Everyone,
    We have send NFe from sap r/3 to sap grc nfe thru RFC . We cannot trace in GRC .
    What could be the possible error .
    please help.
    Honey

    Hi Honey,
    If configuration is correct on R/3 you can see the received data on tables /xnfe/nfehd (header), /xnfe/nfeit (item) and /xnfe/nfe_hist (history).
    A good approuch to you check what system is being called is put a break-point before R/3 call GRC on the end of function J_1B_NF_MAP_TO_XML or include LJ_1B_NFEF42.
    You can easily start debug on R/3 and follow inside GRC automatically when debugging, but the user of RFC need to be DIALOG and have debug rights. It's not possible do it with a service user.
    Check if the correct FM is being called /xnfe/nfe_create, for other messaging system the FM is J_1B_NFE_XML_OUT (if customizations is wrong you will check this error on ST22 on GRC).
    Kind regards, Fernando Da Ros

  • SAP GRC 10.0 on ECC

    Hi Guys,
    We are planning on implementing SAP GRC 10.0. Our Basis guy has suggested that we can use ECC (EHP 6) box for installing the add on(GRCFND_A) component for it. The reason for this is to avoid adding another system to the landscape and to reduce the cost of implementation
    Are there any known issues using this approach?
    Thanks in advance,
    Silver

    Hi
    the GRC project is totally IT driven.
    I get why you are having to drive this - especially when you have to respond to audit requirements and your focus is on support processes.
    However, GRC is all about business risk management - Governance, Risk and Compliance (well internal controls). The GRC System is just the tool to manage this. Without business buy in how is this going to be successful? Who will review business process to determine what a risk is? Who in a senior leadership position will determine what risks are acceptable? Who will determine appropriate controls, report on them, and more importantly enforce them? Who in a leadership position will champion the project and support why a user must work a certain why (including access removed from them)?
    I get that you are focussing on a POC and trying to minimise cost but what happens post POC? I've given recommendations where I've said don't put in GRC until you sort your process and culture. I've done this as much as the innner techy in me knows I won't get to play with a new toy because without all the business buy-in you will have a system built and deployed that gives you a false sense of security when it comes to managing access controls.
    Another way to look at the SP issues - what happens if it's on ECC and the functional team (aka the business representatives) demand an SP increase for their functionality? They proceed to increase SP and now your functionality stops working.. which then impacts the business as you can't process their access requests and give them timely access to the system (assume this is your business case). Are your basis team going to tell the business that they can't have the SP stack increase because IT needs the system on a certain level and they need to wait until next time it's compatible?
    Good luck with your POC. I understand it will allow you to use the tool and check what will work for the business. If you are still undecided on system landscape post POC, take care in having that decision made for you. As you go down the POC path and time runs out the project may move from POC to design/build and now that it's working there will be reluctance to move it to a separate system.
    Regards
    Colleen

Maybe you are looking for

  • AT&T Amber Update Lumia 920

    I was the first person in my state to have a white 920. It was the only one available according to the rep, to the dismay of everyone in line behind me. (I was first in line at the store ) I have been amazingly pleased with the updates, in both speed

  • White screen after Quicktime Pro 7 captures

    I use an automator script in combination with iCal and Quicktime Pro 7.6.6 to capture video content overnight from a commercial satellite. Most mornings when I wake the screen from sleep (I don't put the processor to sleep) Quicktime Pro has successf

  • User change log report in Console

    Dear Experts, We have one audit requirement. We need u2018change logu2019 for useru2019s role modification. I checked in console logs. I found the log for delete user & modify user. In case of delete user it is giving details which are the users had

  • Old calandar entries being deleted

    Hi, My Blackberry handset has been deleting old calendar entries.  When i synchronise with my desktop, i lose the old entries. It's a Pearl 9105, OS6, T mobile. I've checked in 'calendar' 'options' on my handset and checked that it is set to 'keep fo

  • Deployment descriptor Preferences

    Hi All Was just curious to know whether its possible to have multiple values for a deployment descriptor property at design time which allows me to select one value at run time. ( something like drop down ) It will be great if someone could let me kn