Solution : https://service.sap.com/sap/support/notes/986996 (SAP Service marketplace login required)
Summary :
This SAP Note outlines the rationale and guidelines for the Risk Analysis and Remediation rules provided with SAP Compliance Calibrator. The rules aim to reflect the global standards for key business processes, such as Finance, Procure to Pay, and Order to Cash, while also including specialized rules for CRM, HR, and ECC after collaboration with partners and customers. The rules are designed as a foundation, reducing the need for customers to start from scratch. They primarily focus on minimizing false negatives by triggering the least number of authorization objects necessary for transaction execution. The note emphasizes customization of the rule set based on specific customer environments and includes an attachment explaining the ruleset update process and detailing the covered areas.
Key words :
develop additional industry specific component, create single function risks, adding custom related transactions, fewest authorization objects required, major risk areas present, terms sap compliance calibrator, critical action risks, solid starter set, zip file presentation, auth object settings
Related Notes :
| 1611006 | Risks are not showing in SoD report that should |
| 1604722 | Risk Analysis and Remediation Rule Update Q3 2011 |
| 1600667 | Transactions that conflict with themselves |
| 1552985 | F110S rule incorrect - lists F_REGUL_KO should be F_REGU_KOA |
| 1541577 | Impact of S_TABU_NAM in Risk Analysis and Remediation |
| 1535330 | Compliance Calibrator 4.0 - Full Rule Deletion |
| 1519557 | Rules by Process under Rule Library do not show numbers |
| 1446680 | Risk Analysis and Remediation Rule Update Q2 2010 |
| 1349969 | Function AR04 - incorrect permission activated |
| 1326497 | Risk Analysis and Remediation Rule Update Q2 2009 |
| 1238023 | New authorizations not updating in rule set |
| 1173980 | Risk Analysis and Remediation Rule Update Q2 2008 |
| 1133589 | CC 5.x - How to build rules for "all" or "any" values |
| 1083611 | Compliance Calibrator Rule Update Q3 2007 |
| 1061380 | Compliance Calibrator Rule Update Q2 2006 |
| 1050832 | ME23N in Compliance Calibrator (RAR) Default rules |
| 1035070 | Compliance Calibrator Rule Update Q1 2007 |
| 1033326 | Risk Analysis and Remediation Rule Upload guidance |