SAP Access Control Implementation and Configuration [GRC300]

OVERVIEW

This course offers hands-on configuration and implementation of SAP Access Control 10.1, as well as important concepts you will need to know in order to prepare for implementation and ongoing access risk prevention.

OBJECTIVES

• Describe tasks performed by a typical SAP Access Control user
• Discuss Harmonization topics as they relate to SAP Access Control
• Explain how SAP GRC helps you to address business challenges
• Identify authorization risks in typical business processes
• Describe the Segregation of Duties Risk Management Process
• Describe and configure functionality and features for SAP Access Control 10.1
• Use the SAP Access Control 10.1 application to analyze and manage risk, design and manage roles, and provision and manage users
• Describe the SAP Access Control 10.1 architecture and landscape, SAP Access Control Repository, and Object Level Security
• Describe the Periodic Access Review process
• Plan for and manage emergency access
• Discuss the reporting framework
• Configure workflows, including multi-stage multi- path (MSMP) workflows and BRF+
• Describe how the different applications of the SAP GRC Solution integrate with each other
• Discuss key steps in the SAP Access Control implementation process

AUDIENCE

• Application Consultant
• Business Process Architect
• Business Process Owner / Team Lead / Power User

CONTENT

Introduction to SAP Access Control

• Discussing Business Challenges and Solutions
• Using SAP Access Control

Architecture, Security, and Authorizations

• Describing the System Architecture
• Describing Security and Authorizations

Shared Configuration Settings

• Configuring Shared GRC Settings
• Configuring Shared SAP Access Control Settings

Authorization Risks and the Segregation of Duties (SoD) Management Process

• Identifying Authorization Risks
• Managing Risk by Segregating Duties

SAP Access Control Repository

• Synchronizing Objects into the Repository
• Scheduling and Viewing Background Jobs

Risk Analysis

• Maintaining Shared Master Data
• Configuring and Maintaining the Rule Set
• Configuring and Using Audit Trail Tracking
• Using the Risk Analysis Framework
• Remediating Risks
• Mitigating Risks
• Mitigating Multiple Risks at One Time

Business Rule Framework

• Creating Rules in the Business Rule Framework (BRF)
• Defining Business Rules

Multi-Stage, Multi-Path (MSMP) Workflow

• Describing Multi-Stage, Multi-Path (MSMP) Workflow
• Maintaining MSMP Workflow
• Building MSMP Workflow

User Provisioning

• Configuring User Provisioning Settings
• Configuring Access Request Forms
• Requesting Access
• Preparing Roles and Owner Data for MSMP Workflow
• Creating Simplified Access Requests
• Reviewing Search Request Results

SAP Fiori User Experience (UX) for GRC

• Describing SAP Fiori UX

Role Design and Management

• Configuring Role Management
• Configuring Role Methodology
• Configuring Role Search Attributes
• Planning for Technical Role Definition
• Planning for Business Role Definition
• Consolidating Roles Through Role Mining
• Performing Role Mass Maintenance Operations

Emergency Access Management

• Describing Emergency Access Management
• Planning for Emergency Access
• Monitoring Emergency Access

Periodic Access Review Process

• Planning Periodic Review
• Monitoring Periodic Review

Reports and Custom Fields

• Use the Reporting Framework

SAP Access Control Implementation

• Using the SAP Access Control Implementation Process
• Designing the SAP Access Control Solution
• Planning Upgrade and Migration
• Configuring SAP Access Control
• Implementing the SAP Access Control solution
• Optimizing the SAP Access Control Suite