SAP GRC Access Control - Compliance Calibrator - License Cost

Dear all,
I have some questions on Compliance Calibrator implementation.
1. Do  we have to pay additional cost for the license to implement Compliance Calibrator?
2. Since SAP GRC 5.3 is just released, which one do you recommend? SAP GRC 5.2 or 5.3?
3. What would be the major difference between Compliance Calibrator in GRC 5.2 and 5.3?
Best regards,
Rolando

Hi Rolando-
1. Yes, there lies some license cost and the amount should not as much as taking SAP R/3 license. I am not sure of exact amount but its nominal as compared to other SAP products.
2. SAP always recommend for the latest version available and why not one would go for latest version if you are paying something for that.
Also, it depends on your existing R/3 version and its compatibility. In short run, you can choose per your existing versions but in long run everyone has to move to latest version. Say for example whoever is using SAP R/3 technology with whatever version, they all need to upgrade to ECC6.0 by 2011 with extension upto 2013. I am not sure of any such information about GRC AC though.
3. Some enhancement have been done with CC 5.3. Those features include-
1. Risk analysis for SAP Enterprise Portal and UME
2. BI integration for custom reporting
3. Reporting enhancement features include additional auditor, business manager and IT reports
4. SOD management by exception. Can be integrated with workflow.
5. Import/Export of configuration data
6. Migration scripts
7. Download and print capability on every report.
Some performance improvements-
1. Concurrent risk analysis.
2. batch mode risk analysis
3. Improved memory mgmnt etc.
Hope it gives you now some more visibility.
Cheers!
Ashok

Similar Messages

  • Add Fields in CUP Request - SAP GRC Access Control 5.3

    Dear Friends,
    I am wondering on how to add fields value in CUP (Compliant User Provisioning) SAP GRC AC 5.3.
    Currently i'm leading 9 SAP Security Coordinators in Indonesia and i want to create Performance Metrics on how long the CUP Requests is processed. It needs to enhance the CUP by adding value Delegation of Authority and the record no. of the DOA requests.
    Really appreciate your inputs on how to add fields value in CUP.
    Thank you so much
    -Mesti-
    Edited by: AnnisaPramesti on Jan 2, 2012 5:37 PM

    Hi.
    Check under http://service.sap.com/instguides
    SAP BusinessObjects -> SAP BusinessObjects Governance, Risk, Compliance (GRC) -> Access Control -> SAP GRC Access Control 5.3
    Cheers,
    Diego.

  • SAP GRC Access Control 5.3 .TXT - where to upload it

    Hi Experts,
    can anyone please tell me, I have to deploy/upload the patch:
    SAP GRC Access Control 5.3 .TXT SP04
    As I am new to GRC, can somebody please tell me where I upload/deploy this file.
    Is it on the server at operating system level, or through the application in the Web Browser ?
    Thanks and regards,
    Petr.

    HI ,
    As sahad said that is the right way to extract the *.SAR files the syntax is given below .
    for unix : SAPCAR -xvf /<path>/<filename>
    windows : SAPCAR -xvf <volume>:\<path>\<filename>
    If you donot specify the path then it would get extracted in the path where you are right now means the same location where you the *.SAR file is present and then you can upload .
    Then you can login into RAR portal and then go to configuration tab then click on utilities which would be the last option and then click on import and give the file location.

  • SAP GRC Access Control 5.3 intergration with orcale

    Good Day GRC Gurus,
    We want to integrate SAP GRC Access Control 5.3 with ORACLE.
    It would be great if someone could share some documents, presentation and experience on the same.
    Thanks in advance!!!!!!!!!!!!!
    Thanks and Regards,
    Jagat

    Hello Hersh,
    RTA for Oracle is basically a set of PL/SQL stored procedures to create grc schema, grant access and object creation. The package was created using oracle 11.5.10.2 version. I am not sure about the compatibility of the package with the new versions of oracle but still batch mode risk analysis is achievable even if the RTA is not compatible.
    I do not really like batch mode but it does serve the purpose. If I get a chance to test oracle RTA on new version I will surely share it with you.
    Best Regards,
    Amol Bharti
    http://amudee.com

  • Cross-enterprise integration of SAP GRC Access Control with PeopleSoft

    Friends,
    Does anybody has/have/had the owner to implement Cross-enterprise integration of SAP GRC Access Controls 5.2 with PeopleSoft ?
    If yes, what are the key points and approach one should keep in mind while going for this kind of cross-enterprise implementation.
    Is there any reference material, blog, wiki or such informative resource regarding cross enterprise GRC implementation available on the web?
    I tried to search, but could not get good results.
    Any help would be highly appreciated.
    Best Regards,
    Amol Bharti

    Amol-
    From my experience:
    CC 5.2 with Peoplesoft: as long as you have the RTA's installed in the Peoplesoft system and create the connectors in CC, you are good to go.
    AE 5.2 with Peoplesoft: cannot provision to Peoplesoft, however you can connect with Peoplesoft HR for Password Self-Service.  You have the capability to provision to SAP HR.
    FF 5.2 with Peoplesoft: N/A
    RE 5.2 with Peoplesoft: N/A
    I am not sure if there are any standalone docs out there for AC integration with Peoplesoft.  And the 5.2 manuals have sparse information on integration.  However, the AC 5.3 manuals have more detailed info on the integration piece with various other non-SAP systems.
    Sorry, I couldn't share more info, as that is all I know for now...
    Ankur
    GRC Consultant

  • SAP GRC 5.2 Compliance Calibrator rule sets for HR module

    HI All,
    The company i am working for has done installation of GRC 5.2. I would like to download the SAP out of box Compliance Calibrator rule sets for HR function module in a spreadsheet format.
    I would like to download the rule set for risks at Function level, Tcode level and also at authorization object level in ABAP and Roles, actions and permissions in JAVA.
    I will discuss with the BPAs, internal auditors and come up with a new rule set exclusively for my company needs with the help of the above spreadhseet.
    Please tell me what steps i need to do to get this thing done.

    Please go through the process but save these as txt files for UNIX. I am not sure about 5.2 but CC4 was not uploading rule files correctly if file was not saved for TXT for UNIX.
    Regards,
    Harry Sidhu

  • Integrate external identity management solution in SAP GRC Access Control

    We need to integrate an external identity management solution into SAP GRC Access Enforcer. Some white paper mention extensibility is provided by web services. It seems that none of these web services are documented. Does anybody have infos about these services and documentation. Any hint is appreciated.
    thanks
    Detlef

    Unfortunately Access Enforcer doesn't implement a number of critical requirements and implementing it "as is" would be a lot of steps backwards in our process.
    what do the published webservices do? Is there any documentation about them?
    In a part of our process, we must manually pick the current roles(1), the pending roles(2) (roles that were approved but not given due to training prerequisites) and the requested new roles(3) and make the simulation in the VCC.
    The information (1) and (2) and (3) we have in our internal system, the information (1) we have inside VCC and (2) and(3) must be manually inputted by the operator to run the simulations. Since this operation is repeated 6000+ times a month in my company, eliminating this manual input will cause a great gain in efficiency.
    Other thing that we want to do is to create a job where it would automatically desassociate the mitigating controls if the user does not have the risks anymore (users can lose roles automatically in some events here, so it would be coherent that the user also loses the associated mitigating controls)
    IMHO as a former programmer, these are classic cases where I would like to consume some webservices for this tasks to avoid a lot of ctrc ctrlv from the operators (inefficient and error prone)
    VCC has any documentation that would help me to find how I would do this integrations?
    Thanks in advance

  • Installation SAP IDM 7.1/SAP GRC Access Control 5.3

    Hello,
    I can install Access Control products with Solution Manager, Enterprise Portal... But it is possible to install Access Controll 5.3 and IDM 7.1 on the same server?
    Thanks and best Regards
    Alexander

    Hi Alexander,
    SAP IDM 7.1 is still in the ramp up state.  as per the product availability matrix [pam|https://websmp104.sap-ag.de/~form/handler?_APP=00200682500000001303&_EVENT=DISP_NEW&00200682500000002804=01200314690900001014] ,  I am not yet sure if  SAP IDM is available for 64 bit servers.
    SAP GRC AC 5.3 should be installed on as java netweaver
    server after properly sizing. If your hardware can support sizing for both GRC AC 5.3 and SAP IDM 7.1 , then you can install both on them. usually netweaver 7.0 sp12  will be in 64 bit system.
    You can get GRC AC 5.3 sizing information from [link|http://service.sap.com/~form/sapnet?_SHORTKEY=00200797470000071612&_SCENARIO=01100035870000000112&_OBJECT=011000358700000435122007E]

  • SAP GRC Access Control - RAR 5.3

    Question...
    I am seeking some opinions on the the functionality/usage of the data provided under the Informer Tab - Management View Section.  There are several sub-sections in this section that would appear to provide some very useful summary data at a management level.  However, I've been informed by one of our consultants that the usage/functionality of this section is really not helpful, because the data can't and is never accurate.  I'm confused, if this is feeding from other data loaded in the system...why the discrepancies and un-usefullness?  I hesistate to believe this section would be apart of the system if limitations prevented its accuracy.  Are any other of you using this section?  Is the data accurate?  Do you find it helpful?
    Your advice, comments, and experience greatly appreciated!
    Regards,

    The informer tab is just that - an informer.  So long as your ruleset has been setup properly, and your background jobs are synchronizing properly to the backend systems, and you've set the background risk analyses to update the management views, there shouldn't be any inaccuracies in the informer tab.
    It's a good idea to have the latest Support pack installed as there have been cases where erroneous numbers are shown, but those have been fixed in subsequent support packs.
    I hope this helps.
    Santosh Krishnan

  • SAP GRC 5.2 Compliance Calibrator

    How can I generate the list of SoD conflicts arising from a particular rule.
    Thanks & Regards
    Srikanth R

    Hi Srikant,
    Can you provide an example of any "Rule ID" that you want to search on?
    What kind of output you are looking for?
    Regards,
    Sirish.

  • Is Compliance Calibrator the same as GRC Access Control?

    I have been asked to look at<b> Compliance Calibrator </b>and am getting confused about what functionality is offered. I have done the basic e-learning course for Compliance Calibrator (GRC200): this was all about separation of duties etc. Fair enough. But I also have a Document called "<b>SAP GRC Access Control</b>" which talks about the same S.O.D compliance functionality but also talks of "roles triggering workflows", "users creating roles", "automated approvals for roles" eg:
    "SAP GRC Access Control streamlines access requests by filling each request automatically with user identity information from a lightweight directory access protocol (LDAP) directory or HR database, thereby eliminating the need for user intervention. Approvers receive an e-mail with a direct hyperlink to the request inside the application, where they can easily view and approve the request. The application then checks for security violations before updating accounts  automatically."
    None of this was covered on the Compliance Calibrator course, so what product offers this? I can see another product by Virsa called <b>Access Enforcer</b> but have no info on this... can anyone enlighten me?

    SAP GRC Access Control is the SAP application that comprises the former Virsa products Compliance Calibrator, Access Enforcer, Risk Terminator, Firefighter and Role Expert.

  • GRC Access Control 5.3 installation

    Hello all,
    I'm planning the installation of SAP GRC Access Control 5.3 and have a few questions. In the software download section of SAP Service Marketplace, the most recent installation files are for Virsa 5.2. Under SAP GRC Access Control, there are no installation files that I can see. (I tried several different OSS IDs including partner ID, so I do not think it is a licensing issue) Could someone please confirm that the Virsa 5.2 files represent GRC Access control 5.3?
    One reason for this question is that in Solution Manager, under Business Blueprint (SOLAR01), SAP GRC Access Control 5.3 is displayed as the default selection for Internal Controls. Is SAP planning to release installation files in the near future for SAP GRC Access Control 5.3? If so, when?
    Thanks in advance,
    Glen Hoaglund
    Capgemini Basis Consultant
    Edited by: Glen Hoaglund on Jun 3, 2008 3:13 PM

    John & Glen-
    Right now Compliance Calibrator 5.3, now Risk Analysis and Remediation, which is part of Access Control 5.3 is currently in Ramp Up, and will be available in October 2008.  
    You can download the User manuals for 5.3 from SAP Marketplace.  That will give you an idea of what functionalities 5.3 has and how it is structured.
    From my observation of 5.3, and having implemented 5.2 for some clients, 5.3 does have some functionalities which are missing in 5.2.  But for setup and sizing, it is always recommended that you allocate GRC on its own server with a lot of space.  The applications are very memory-intensive.
    I believe FireFighter, or Superuser Privileged Access in 5.3, will still reside in the ABAP stack, with the reporting done on both ABAP and Java stacks.  The bulk of the functionality of 5.3 is the same as 5.2.
    Let me know if you have any questions...
    Ankur
    GRC Consultant

  • Problem Maintenance Optimizer - SAP GRS Access Control 5.3

    Hi,
    I have a problem in calculating the SPS to the SAP GRC Access Control 5.3.
    I recorded the system automatically from SLD. I defined the logical component and I created the solution.
    Now, when I try to calculate the Maintenance Optimizer error is generated:
    No Addon Product Version allowed for transaction: SAP GRC ACCESS CONTROL 5.3 (01200615320900001673)
    Program:CL_MOPZ_EVALUATE_INSTANCES====CP,Include:CL_MOPZ_EVALUATE_INSTANCES====CM00R,Method:CHECK_INPUT,Line: 67
    Can you help me?
    Best regards,
    Diego.

    Hi,
    Check this note.
    1464712
    This should solve your problem.
    Feel free to revert back.
    -=-Ragu

  • Install GRC Access Control 5.3 on Java only?

    Hello,
    we want to install SAP GRC Access Control 5.3 on a stand alone system. We tried to figure out, if it's possible to install it on a NW 07 Java stack only or if it's necessary to make a add-in installation with Abap and Java.
    For the backends and the RTA we need Abap, but also for the GRC itself?
    Thanks in Advance
    Ingmar

    I just found something useful..
    https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/408bd039-d9c1-2a10-0fab-a92b97c7cd25
    https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a07b4cc8-1a57-2b10-1798-d2fec068473a

  • GRC Access Control licensing and Sizing

    Dear All,
    I am putting up a proposal for GRC Access Control. Could someone please help me with the calculation of licensing cost and the hardware requirements?
    1. Is the license cost totally driven by revenue ?
    2. Is there a flat base price plus number of user accounts?
    3. What sort of hardware config is required?
    Thanks,
    Aj

    Please ask your SAP account contact for pricing information.
    Frank.

Maybe you are looking for

  • VPN clients cannot access inside network

    I have a ASA 5505 that I am using as a VPN appliance. The outside interface is connected to the DMZ (172.16.2.10) and the inside to our internal network (10.27.1.12). VPN clients are assigned an address in the range 10.27.2.2-10.27.2.20. A 1841 is th

  • Monitor recomendation for editing/color corection/ grading?

    Hello I am c300 owner, and slowly learning editing and color correction on my  CS6 PP, probably later will learn to work as well in Resolve.....  anyway, when it comes to pc monitors what would u recommend? and what  should i look at when buying moni

  • ITunesSetup_exe (1) couldn't be downloaded

    I cannot download itunes to my PC running a 32  bit version of Vista.  I have already unistalled all iTunes programs except the mobile one as instructed by support.  I have also checked my temp files as instructed by support (they were empty)  This i

  • Button only works once?

    relatively new to flash, using pro 8 right now. I created a movie where there are movie clips that contain buttons. using the following actionscript, the button takes me to the frame labeled "Button1" on (release){ _root.gotoAndStop("Button1"); but..

  • After a restore,it keeps asking for another backup itunes login ?

    After a restore,it keeps asking for another backup itunes login ? This never happened before the v8 upgrade ? How do i stop this ?