top of page
Search

GRC Implementation steps Overview

  • Sayantan
  • Jun 15, 2016
  • 3 min read

Hi Folks.... Lets go through the pointers of post installation steps that we need to perform to configure GRC. In my future posts I will explain each and every component in detail.

Lets consider our GRC system as G and target system as E for simplicity.

1.Establish two way communication channel between G and E

a. Creating logical systems------ sale/bd54 b. Assigning logical systems to clients-----sale/scc4 . Perform the same in other clients (in this case we need to repeat the steps in system E once we are done with G) c. Creating RFC connections-------sale/sm59 (Connection from G-E and E-G)

Step C can also be performed as below

SPRO

SAP REFERENCE IMG

GRC

COMMON COMPONENT SETTINGS INTEGRATION FRAMEFORK CREATE CONNECTORS> NOW IT WILL TAKE U TO SM59

2. ACTIVATING APPLICATIONS FOR SAP LANDSCAPE

SPRO>SAP REF IMG>GRC>GENERAL SETTINGS

EXECUTE ACTIVATE APPLICATIONS IN CLIENT

CLICK ON NEW ENTRIES

GRC-PC GRC-RM GRC-AC

NOW SELECT THE CHECK BOX: ACTIVATE

NOW SAVE.

3. SICF (sap internet communication framework)

T-CODE SICF

EXECUTE

EXPAND DEFAULT HOST

EXPAND SAP

NOW SELECT GRC, RIGHT CLICK ON IT, CLICK ON ACTIVATE

4. Activate BC sets (business configuration sets)

Execute tcode SCPR20

Search with *GRAC*

ARA----1 ARM----4 BRM----5 EAM----1

BACKEND SYSTEM----1

5. MAINTAIN CONNECTORS AND CONNECTOR TYPES

GRC- COMMON COMPONENT SETTINGS- INTEGRATION FRAMEWORK- MAINTAIN CONNECTORS AND CONNECTION TYPES SELECT SAP- DOUBLE CLICK ON DEFINE CONNECTORS CLICK ON NEW ENTRIES:

TARGET CONNECTOR : Logical system name of E (<SID>CLNT<Client number>)

CONNECTION TYPE : SAP

SOURCE CONNECTOR : Logical system name of G

LOGICAL PORT : Logical system name of E

MAX. NO. OF BW PS : 3

Now SAVE

NOTE: Source connector and logical port must be the same

NOW DOUBLE CLICK ON DEFINE CONNECTOR GROUP CLICK ON NEW ENTRIES

Example : CONN. GROUP CONNECTION TEXT CON. TYPE ECC ECC GRP Description SAP SAVE

NOW SELECT ECC CONNECTOR GROUP DOUBLE CLICK ON ASSIGN CONNECTOR GROUP TO GROUP TYPES CLICK ON NEW ENTRIES CONNECTOR GROUP TYPE SELECT LOGICAL GROUP SAVE DOUBLE CLICK ON ASSIGN CONNECTORS TO CONNECTOR GROUPS TARGET CONNECTOR CONNECTION TYPE Logical Name of E SAP SAVE

6. MAINTAIN CONNECTION SETTINGS

SPRO>GRC>COMMON COMPONENT SETTINGS> INTEGRATION FRAMEWORK MAINTAIN CONNECTION SETTINGS INTEGRATION SCENARIO :

CONTINUE

NOW SELECT

AUTH - ARA PROV - ARM ROLMG - BRM SUPMG - EAM

NOW DOBLE CLICK ON SCENARIO CONNECTOR TYPE LINK

NOW SELECT SAP

NOW DOBLE CLICK ON SCENARIO CONNECTOR LINK

CLICK ON NEW ENTRIES

NOW SELECT TARGET CONNECTOR: <RFC DISTINATION OF TARGET SYSTEM>

ENTER

NOW SAVE IT, IT WILL PROMPT FOR CUSTOMIZING REQUEST.

CREATE AND SAVE

7. MAINTAIN CONFIGURATION SETTINGS

SPRO-SAP REFERENCE IMG- GRC- ACCESS CONTROL

MAINTAIN CONFIGURATION SETTINGS

HERE YOUCAN SET PARAMETER BY CLICKING NEW ENTRIES

Example :

PARAMETER GROUP PARAMETER ID PAR. VALUE

RISK ANALYSIS 1024 1

SAVE.

** We will discuss different parameters in our future posts**

8. MAINTAIN CONNECTOR SETTINGS

SPRO-SAP REFERENCE IMG- GRC- ACCESS CONTROL

MAINTAIN CONNCETOR SETTINGS

CLICK ON NEW ENTRIES

Example :

TARGET CONNECTOR APP. TYPE ENVIRONMENT RFCDEST. (BACK END SYS.) 001 (SAP) DEVELOPMENT

FROM THIS STEP WE SPECIFY THE SYSTEM BELONGS TO WHICH TYPE OF ENVIRONMENT, WHETHER IT IS DEV, QUA, PRO

9. MAINTAIN MAPPING FOR ACTIONS AND CONNECTOR GROUPS:

10. MAINTAIN PLUG-IN SETTINGS

PERFORM THIS STEP IN TARGET SYSTEMS.

SPRO- SAP REF. IMG- GRC (PLUGINS)- MAINTAIN PLUG-IN CONFIGURATIN SETTINGS

NEW ENTRIES

PARMETER ID: 1001 SEQUENCE: 2 PARAMETER : (RFC DEST. OF GRC SYSTEM)

NEW ENTRIES

PARAMETER ID: 1000 SEQUENCE: 1 PARAMETER VALUE: (RFC DEST. OF TARGET SYSTEM)

SAVE

11. SYNCHRONIZATION JOBS:

AUTHORISATION SYNC

BY THIS STEP WE ARE GOING TO SYNC BACK END SU24 DATA INTO THE GRC SYSTEM.

SPRO- SAP REF. IMG- GRC- ACCESS CONTROL- SYNCHRONIZATION JOBS- AUTHORISATION SYNC

CONNECTOR : (TARGET LOGICAL SYSTEM NAME)

PROGRAM MENU- EXECUTE IN BACKGROUND

CONTINUE

12.REPOSITORY OBJECT SYNC

ACCESS CONTROL- SYNCHRONIZATION JOBS- REPOSITORY OBJECT SYNC

BY THIS STEP WE SYNCH ROLES, USERS AND PROFILES

CONNECTOR: (TARGET LOGICAL SYTEM NAME)

PROGRAM MENU- EXECUTE IN BACKGROUND

CONTINUE

THE FOLLOWING ARE THE PROGRAMS INCLUDED IN REPOSITORY OBJECT SYNC:

GRAC_ROLEREP_PROFILE_SYNC GRAC_ROLEREP_ROLE_SYNC GRAC_ROLEREP_USER_SYNC

FOLLOWING ARE THE TABLES WHICH GETS UPDATED :

USER TABLE: GRACUSERCONN ROLE TABLE: GRACRLCONN PROFILE TABLE: GRACPROCONN

13. GENERATING RULE SET:

SPRO- SAP REF IMG- GRC- ACCESS CONTROL- ACCESS RISK ANALYSIS- SOD RULES- GENERATE SOD RULES

RISK ID: *

SCHEDULE IT IN BACKGROUND JOB

GRAC_GENERATE_RULES IS A BACKGROUND JOB WHICH GENERATES RULE SETS.

RULE SET TABLE: GRACACTRULE (RISK)

14. CREATION OF BUSINESS PROCESS:

SPRO- SAP REF IMG- GRC- ACCESS CONTROL- MAINTAIN BUSINESS PROCESS AND SUB PROCESS

CLICK ON NEW ENTRIES

Example :

BUSINESS PROCESS: FI DESCRIPTION: FINANCE BP

IT WILL PROMPT YOU TO CREATE TRANSPORT REQUEST

SAVE

ASSOCIATED TABLES GRACBPROC Business Process GRACBSUBPROC Sub Business Process GRACBPROCT Business Process Text

 
 
 

Comments

Featured Posts
Recent Posts
Archive
Search By Tags
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page