SAP Note 1593056 - Best Practices for Remediation of Segregation of Duties risk

Component : Access Risk Management

Solution : https://service.sap.com/sap/support/notes/1593056 (SAP Service marketplace login required)

Summary :
This SAP Note provides guidance on managing and mitigating risks identified by GRC Access Control, specifically through Risk Analysis and Remediation (RAR), Compliant User Provisioning (CUP), and Enterprise Role Management (ERM). Key recommendations include following a "Get Clean" methodology: first clean up segregation of duties violations using RAR, then maintain system integrity with CUP and ERM. Emphasis is placed on proper configuration and running of reports at the permission level, managing critical roles, and prioritizing single and composite roles during remediation. The note identifies common pitfalls and stresses the importance of preemptive removal of risks over mitigation.

Key words :
/portal/prtroot/docs/library/uuid/80c094de-90aa-2910-02b8-e31a6f5ff0c2 the purpose, rar - configuration - risk analysis - additional options - include role/profile mitigating controls, rar - configuration - risk analysis - default values - exclude mitigated risks, rar - rule architect - critical roles/critical profiles, rar - configuration - risk analysis - additional options, remediation rules the grc access control components rely, configuration - risk analysis - default values, access risk management guide located, option ignore critical roles & profiles, cup - configuration - risk analysis

Related Notes :

1604722 - Risk Analysis and Remediation Rule Update Q3 2011
1542565 - Mitigations at Action versus Permission level
1446680 - Risk Analysis and Remediation Rule Update Q2 2010
1326497 - Risk Analysis and Remediation Rule Update Q2 2009
1252966 - AC 5.3 RAR Report - Action Usage by Role and Profile
1227226 - Mitigate User/Roles/Profiles buttons are not visible
1177383 - Action Usage reports not fetching any data in the RAR
1173980 - Risk Analysis and Remediation Rule Update Q2 2008
1088485 - RAR - "Remove Access from User" not available
1035063 - RAR 5.X - Setting up Blanket Mitigation Controls
1034117 - Management Reports run too long, not updating, or inaccurate
1033326 - Risk Analysis and Remediation Rule Upload guidance
1015921 - Collective note for Alerts Log not capturing data
986997 - Risk Analysis & Remediation tuning for optimal performance