Cutover Plan SAP GRC AC

Similar Messages

• SAP GRC 5.2 Microsoft Project Plan

  Ladies and Gentlemen:
  In the past, somewhere I found the SAP GRC Microsoft Project Plan.  Can someone please tell me where I can find this now or can someone send it to me?
  Regards,
  Greg

  Hi guys,
  please stop this.
  The plan is available as part of the GRC Best Practice site:
  http://help.sap.com/bp_grcv152/GRC_US/HTML/index.htm
  Please get it from there.
  Frank.

• SAP GRC 10.0 on ECC

  Hi Guys,
  We are planning on implementing SAP GRC 10.0. Our Basis guy has suggested that we can use ECC (EHP 6) box for installing the add on(GRCFND_A) component for it. The reason for this is to avoid adding another system to the landscape and to reduce the cost of implementation
  Are there any known issues using this approach?
  Thanks in advance,
  Silver

  Hi
  the GRC project is totally IT driven.
  I get why you are having to drive this - especially when you have to respond to audit requirements and your focus is on support processes.
  However, GRC is all about business risk management - Governance, Risk and Compliance (well internal controls). The GRC System is just the tool to manage this. Without business buy in how is this going to be successful? Who will review business process to determine what a risk is? Who in a senior leadership position will determine what risks are acceptable? Who will determine appropriate controls, report on them, and more importantly enforce them? Who in a leadership position will champion the project and support why a user must work a certain why (including access removed from them)?
  I get that you are focussing on a POC and trying to minimise cost but what happens post POC? I've given recommendations where I've said don't put in GRC until you sort your process and culture. I've done this as much as the innner techy in me knows I won't get to play with a new toy because without all the business buy-in you will have a system built and deployed that gives you a false sense of security when it comes to managing access controls.
  Another way to look at the SP issues - what happens if it's on ECC and the functional team (aka the business representatives) demand an SP increase for their functionality? They proceed to increase SP and now your functionality stops working.. which then impacts the business as you can't process their access requests and give them timely access to the system (assume this is your business case). Are your basis team going to tell the business that they can't have the SP stack increase because IT needs the system on a certain level and they need to wait until next time it's compatible?
  Good luck with your POC. I understand it will allow you to use the tool and check what will work for the business. If you are still undecided on system landscape post POC, take care in having that decision made for you. As you go down the POC path and time runs out the project may move from POC to design/build and now that it's working there will be reluctance to move it to a separate system.
  Regards
  Colleen

• SAP GRC 5.3 Ramp up

  Does SAP GRC 5.3 Ramp up have complete integration with NW IDM 7.0?
  Note:
  We have enaged with SAP for GRC 5.3 Ramp up program and also we have the plans of integrating NW IDM 7.0 & GRC 5.3.

  Well, my previous project we have integrated Siteminder with AE 5.2 using Apache as the web server and its production now.
  Netweaver IDM can be integrated with AE and CC.
  Check out for the document.,
  SAP NetWeaver® Identity Management GRC Integration
  Thanks.
  Regards,
  Muthu Kumaran KG

• Cutover plan on Project systems

  Hi Friends
  Can any one help me to prepare Project systems cutover plan, if you have any cutover plan on Project systems could you please pass me to
  harikrishna underscore sd at yahoo dot com
  Our requirement is we are going to stop the existing client and we are creating a new client and will continue with the same. So how we should update the projects of various stages in the new client and how to close in the existing client.
  Regards,
  Hari

  Hi,
  Plz refer this links it may help u.
  http://sapdocs.info/2008/09/22/sap-go-live-strategy/
  CUTOVER
  http://www.sap-img.com/sap-implementation.htm
  Cutovers
  Different types of testing in a SAP Implementation project
  Regards
  Chandra

• Installing SAP GRC AC 5.3 and 5.2 in same windows server

  Hi All,
  Is it possible to run both SAP GRC AC 5.3 and 5.2 on the same server? Basically for testing purpose prior to upgrade?
  What would be the technical issues?
  Regards,
  Nagendran

  Hi All,
  We have a similar requirement:
  We have WAS640AC5.2 running in a windows server connecing to backend landscape "A". We plan to install WAS700AC5.3 in this same server for backend landscape "B".
  What i would like to know is WAS640AC5.2 & WAS700AC5.3 can exist together in the same server?
  Regards,
  Muruga

• Migarting from Approva to SAP GRC AC 5.3

  Hello All,
  One of our client using Approva applications now they are planning to move to SAP GRC Access Controls 5.3, so kindly help me or guide he how I proceed.
  Key doubts u2013
  1-How we upload rules in RAR, because we downloaded the rules from Approva.
  2-Creation of mitigation controls etc.
  It would be great if some share some documents related to above.
  Thanks,
  Jagat

  Hi Jagat,
  Once your GRC system is configured. You have to follow the following steps:
  1. Create system connector
  2. Define Master User Source
  3. Upload text & authorization objects. (Follow the AC53 Configuration guide to download these files from backend)
  4. Now as Frank has suggested you have to convert the downloaded Apporava files to .txt files. There are 9 .txt files you have to create:
  1. Business Process
  BusinessProcessId (CHAR 4)     LANGUAGE  (CHAR 2)     DESCRIPTION LANGUAGE  (CHAR 120)
  *fileds are TAB seperated
  2. Function
  FUNCTION ID (CHAR 8)     LANGUAGE  (CHAR 2)     DESCRIPTION LANGUAGE  (CHAR 120)     FUNCTION SCOPE (CHAR 1 (S:Single System, C: Cross System))
  3. Function-Business Process
  FUNCTION ID (CHAR 8)     BusinessProcessId (CHAR 4)
  4. Function-Action
  FUNCTION ID (CHAR 8)    TRANSACTION(CHAR 20)     STATUS (NUMC 1 (0 or 1))
  5. Function-Permission
  FUNCTION ID (CHAR 8)     T-CODE (CHAR 20)     OBJECT(CHAR 10)     FIELD(CHAR 10)     FROM VALUE(CHAR 40)     TO VALUE(CHAR 40)     SEARCH TYPE(CHAR3 (AND,OR,NOT))       STATUS (NUMC 1 (0 or 1))       
  6. Rule Set
  RuleSetId (CHAR 8)     LANGUAGE  (CHAR 2)     DESCRIPTION (CHAR 132)
  7. Risk ID
  RISKID (CHAR 4)     FUNCTION_1_ID  (CHAR 8)     FUNCTION_2_ID  (CHAR 8)     FUNCTION_3_ID  (CHAR 8)     FUNCTION_4_ID  (CHAR 8)     FUNCTION_5_ID  (CHAR 8)     BusinessProcessId (CHAR 4)       PRIORITYDESCRIPTION (NUMC 1 (0=Medium
  1=High 2=Low 3=Critical))      STATUS (NUMC 1 (0 or 1))        RISKTYPE (CHAR 1 (1=SoD 2=Critical Action 3=Critical Permission))
  8. Risk Description
  RISKID (CHAR 4)       LANGUAGE  (CHAR 2)     RISKDESCRIPTION (CHAR 132)     DETAILDESCRIPTION (CHAR 1000)     CONTROLOBJECTIVE (CHAR 1000)
  9. RISK_RULESET
  RISKID (CHAR 4)       RuleSetId (CHAR 8)
  For more information on templates follow the configuration guide.
  Upload these files and generate the rules.
  Hope with this you will be able to continue.
  Thanks & Regards,
  Jitan

• Migrate SAP GRC AC 5.3 SP13 (System A - System B)

  Hello all,
  currently we have setup 2 SAP GRC AC 5.3 SP13 SAP instances (DEV / PRD) for the customer's SAP ERP system landscape. Those systems also contain some customer business functionality.
  Because of business requirements the PRD Java Instance needs to be deleted and built up again from scratch with another WebAS Java Release Version (same SID, same Hardware, etc.).
  Our plan is now to setup a dedicated Java instance which will contain the PRD installation of SAP GRC AC (new SID, different hardware, etc.) to avoid similar problems in the future. Therefore we have to migrate all of the RAR data from the "old" Java instance to the newly setup Java system. We especially need to migrate all of the RAR analysis data (e.g. SoD violation analyses of previous months, etc.), otherwise we would loose all of this information when the "old" installation is deleted and built up again.
  I have checked all of the SAP documentation for SAP GRC AC 5.3 and only found these clues:
  In document "SAP GRC AC 5.3 Configuration Guide v3.16 - Chapter Utilities -> Export Utility / Import Utility" it only says
  something about exporting / importing rule sets, mititgating controls, etc. Can these tools also be used to export / import
  analysis data too ?
  In document "SAP GRC AC 5.3 Installation Guide v2.2 - Chapter Post-System Copy Configuration" it only says something about
  steps to be executed if the SAP GRC AC installation was done via system copy. But there is no information about migrating RAR analysis data.
  In document "SAP GRC AC 5.3 Operations Guide v2.1 - 7.2 Backup strategies" it says that in order to restore the system "you need to back up all tables with the following prefixes: VIRSA and VT". Can we simply do a backup of all of those tables, import
  them into the database of the new system and the use the export/import utility to move all of the configuration etc. from the old system to the new one ?
  Regards,
  Benjamin
  Edited by: Benjamin Schlotz on Jun 30, 2011 11:57 AM

  Hello Sunny, hello Frank,
  thanks for the quick replies.
  I did know about the SNOTE regarding the post migration steps, but the To-Do's Frank posted had some additional info in them.
  One question remains still open though:
  How to actually migrate all the GRC AC RAR data (incl. old analysis data) from System A to System B
  Our intended course of action would be:
  1. Deploy SAP GRC AC on System B (same Version, SP-level etc. as in System A)
  2. Export all VIRSA* and VT* tables from DB of System A, import them all in DB of system B
  3. Export all configuration, etc. from System A, import it into System B (using the export / import functionality within RAR)
  4. Do all the post-migration tasks described by you
  Would you agree with that course of action / know any pitfalls, etc ? We need to have all the "old" RAR analysis data from System A in System B after the migration because System A will be shutdown and deleted.
  Regards,
  Benjamin

• SAP GRC 5.3 - Do I need to install all tools initially

  Hi,
  I am looking into installing SAP GRC 5.3. At the moment we only want to use Risk Analysis and Remediation (RAR), Superuser Privilege Manager (SPM) and Risk Terminator. However we may want to implement CUP and ERM at a later stage as part of a seperate project. I am looking for some advice on how we should approach the install. Should we install all components initially or can they be easily installed and configured at a later stage?
  Thanks,
  Gary

  Hi Gary,
  SAP GRC Access Control comes with all four components like RAR,CUP,ERM& SPM.According to your organization's need you may configure the components which you want initially. Later on you may plan to configure other components.
  I am looking for some advice on how we should approach the install. Should we install all components initially or can they be easily installed and configured at a later stage?
  It's recommended by SAP to deploy all four components.
  Regards,
  Mohit

• SAP GRC latest patch in MoPZ

  Hi Experts
  We are planning to upgrade our ERP to EHP6 from EHP4 . While genreating the stackfile , in the select add step , i do not find the latest patch for SAP GRC component 5.3 (VIRSAHR and VIRSANH).
  Select Add on :
  I have assigned the required product version for GRC components . Could you please help me , how to  get the latest version of the GRC components in the MoPZ .
  Regards
  Bala

  Hi,
  There have been enhancement packages release by SAP in ECC 6.0 and the latest released is EHP 6 for ECC 6.0
  for the software component SAP_HR the release is 604 and the level is 42
  for the software component EA_HR the release is 605 and the level is 19.
  Your BASIS consultant would be of great help in this regard letting you know whats the latest.
  I hope i addressed your query.
  All the best to you
  Regards
  RR

• Enterprise Risk Management Approach in SAP GRC

  Hi All,
  Can you please let me know  as to what is the approach followed for implementation of  Enterprise Risk Management (ERM) in SAP GRC.  Also please tell me how the internal control frameworks like COSO, COBIT is mapped to ERM in SAP GRC.
  Regards
  Vivek

  Dear Vivek,
  While assigning roles to users, you will be displayed the risks that are identified with those roles, if any. You can either mitigate or remove the roles.
  The process covered by GRC Risk management includes the following steps:
  -Risk Planning: Determines the approach to risk management in each business area or project. This includes setting up the risk management organization and defining risk thresholds . This phase is partially supported by a software application.
  -Risk Identification and Analysis: Identifies the risks in order to analyze and prioritize them along different attributes, such as probability of occurrence and potential total loss associated to the risk.
  -Risk Response: Decides on actions needed to respond to a risk. One action could be to actively mitigate the risk to reduce probability of occurrence and/or potential impact.
  -Risk Monitoring: Includes the regular update of risk information and the risk reporting to monitor progress along the risk management process.
  The Risk Management application provides a set of different reporting capabilities based on the individual needs of the target groups:
  -A set of built-in reports that are delivered with the application. These reports allow risk managers to review the current risk state.
  -Visual Composer based dashboards that provide information about the current risk status on an aggregated basis. The dashboards fulfill the risk reporting needs of senior managers and line managers.
  Step 1: You maintain the Risk structure
  1. You set up the organizational hierarchy
  2. You set up the Activity Hierarchy
  3. You set up the Risk Hierarchy
  Step 2: You perform the Risk Assessment
  1. You identify the risks
  2. You analyze the risks
  3. You respond to risks
  4. You document the Incidents
  Step 3: You analyze risk reports
  1. You generate risk reports
  2. You report the incidents
  Step 4: You analyze the dashboards
  Refer SAP documentation on GRC for more information.
  Regards,
  Naveen.

• BW Go-live cutover plan

  Hi All,
  Our BW system is supposed to golive along with the SAP R/3 golive date. We have to do cutover plan for this. Is there any standard template or documents on this? Please help me out.
  Thanks & regards,
  Vaskar

  Dear Sujan,
  check the below link for GO live strategy.
  http://www.saptechies.com/sap-pdf-books-download/SAP_Go_live_strategy11248141773.pdf
  Search the Google for BBP Document quastions.
  Regards,
  Kishore K
  Edited by: kishore babu on Dec 22, 2009 8:21 AM

• SAP GRC Installation

  Dears,
  We are planning to install GRC.Beinf new to GRC I have some doubts for it.
  1- When searching for installation guide I found several components Like Access Control,Risk Managament..
  We want to install all these component so I want to know do I need to install all these components sepratley on server or they can be install on a server and these components are independent of each other or do i need to install a common platform and on that i can install all required componenets.
  2-I have searched a lot but not found any sizing guide for it,So please what should be hardware configuration for it.
  Please Suggest.
  Shivam

  Hi Shivam,
  GRC AC5.3 contains four components called
  1)Risk Analysis and Remediation ( Previous Name Compliance Calibrator)
  2) Compliant User Provisioning     (Previous Name Access Enforcer)
  3)Enterprise Role Management     (Previous Name Role Expert)
  4) Superuser Privilege Management (Previous Name Fire Fighter)
  Depending upon your organisation requirement you have to install these components.
  You can deploy these component in one netweaver server.
  For Installation guides click on the links of SAP service marketplace below,
  https://websmp207.sap-ag.de/~form/sapnet?_SHORTKEY=01100035870000718186&
  Then click on SAP GRC Access Control 5.3 and you will get the list of documents of GRC AC5.3 which is the latest version of GRC.
  And the GRC Sizing guide is available in the marketplace.
  If you require any other info then let me know.
  Reagrds,
  Sudip.

• License for SAP GRC

  Hi All,
  We are planning to implement the SAP GRC. For this, I would like to know, if Netweaver license is part of GRC software or it needs to be procured seperately ?
  Any suggestion on this please!!!
  Thanks & Regards,
  Santhosh Kumar P

  Hi,
  It depends upon the your company license contract with SAP, Check with your SAP account contacts.
  hope this helps,
  Kalyan.

• SAP GRC NF-e 10.0: Erro na interface NFB2B_procNFe_IB (contendo CDATA)

  Olá a todos.
  Poderiam por gentileza me ajudar com a questão abaixo?
  Estou com o seguinte problema na interface NFB2B_procNFe_IB do SAP GRC NF-e 10.0 (Support Package 15):
  Recebemos uma série de XML's de montadoras de automóveis que contém informações adicionais nas tags <infAdProd> e <infCpl>, como por exemplo:
    <infAdProd>VLR. PIS R$ 6,81 VLR. COFINS R$ 31,44<![CDATA[<ID ITEM=005115/><PED=4500159772/> <UM=PC/>]]></infAdProd>
  Porém ao inserir essa mensagem na interface NFB2B_procNFe_IB, a interface interpreta da seguinte forma:
      <infAdProd>VLR. PIS R$ 6,81 VLR. COFINS R$ 31,44
        <![CDATA[
          <ID ITEM=005115/>
          <PED=4500159772/>
          <UM=PC/>]]>
          </infAdProd>
  Sendo assim, ocorre o erro abaixo:
  <nm:ExchangeFaultDataExt xmlns:nm="http://sap.com/xi/NFE/common" xmlns:prx="urn:sap.com:proxy:NED:/1SAI/TAS8DFA2846CCAA9B6570C6:702">
    <faultText>Erro durante a transformação: Fim de elemento '{http://www.portalfiscal.inf.br/nfe}infAdProd' esperado programa: /1SAI/SAS6F90159886715E7C4560 caminho: nfeProc(1)NFe(1)infNFe(1)det(4)infAdProd(3)ID(1)</faultText>
    </nm:ExchangeFaultDataExt>
  Sei que temos algumas opções como:
  1. Alterar o XML no mapping do PI; (Funcionaria com mensagens processadas através do PI, mas não conseguiria inserir um XML manualmente via SE80)
  2. Alterar o XML no ABAP ao executar a classe /XNFE/CL_006NFB2B_PROC_NFE_IB; (Fazer algum replace nesses caracteres "<" e ">" por "&lt;" "&gt;"
  Mas como fazer isso sem danificar a assinatura do XML que já está assinado e autorizado na SEFAZ?
  Existe alguma nota SAP para corrigir esse problema?
  Agradeço desde já a atenção.
  Rodrigo Costa.

  Felipe,
  também tive o mesmo problema do lado do NTB2B_procNFe_OB. Tentei de várias formas transformar o XML para ficar aderente ao cliente, porém o PI sempre alterava o XML (possivelmente devido ao encoding).
  Vi muitos posts sobre o tema, mas ainda quando era o GRC NF-e 1.0, com a assinatura no Java. Para o GRC 10.0 não funciona, pois quando o xml chega no PI, o mesmo já está assinado, portanto não se pode alterar nada.
  A solução foi para nesses casos específicos enviar o xml através do ECC mesmo.
  Mas para o NFB2B_procNFe_IB ainda sem solução.
  Abs.
  Rodrigo.