grcac contents 03 (1)
8/3/2019 GRCAC Contents 03 (1)
GRC ACCESS CONTROL 5.X Security Training
Goals:
Explain how SAP GRC Access Control (Risk Analysis and Remediation, Super user Privilege Management, Compliant User Provisioning and Enterprise Role Management) works in combination with SAP business processes.
Demonstrate the functionalities and usage of the different components within SAP GRC Access Control
Discuss how to use the SoD Management process as the standard approach for implementing SAP GRC Access Control
Configure and use workflow-based SoD and User Access Reviews to ensure a continuous assessment of the risk situation by the business process owners
Discuss how the use of Enterprise Role Management will help to maintain a clean SoD environment with respect to your organization's roles.
Identify the integration points across the whole SAP GRC Access Control Suite
Implementation strategy of GRC Access Control Project.
Course Based on Software Release
SAP GRC Access Control 5.3
SAP ERP Central Control 6.0
Duration: 30 HRS
Contents
1. Overview of SAP Security
1. SAP R/3 Architecture
2. SAP Basis Security
3. Authorization concept
4. User and Role creation
5. Concept of Derived role
6. Derived Role benefits
7. Exercise on Role creation (Hands-On)
8. Auditing and Monitoring
9. Security Reports
2. SoD overview
10. SOX Compliance
11. SoD Management Process Phases
12. SoD Implementation Methodology
13. SoD Matrix
14. How Risk Analysis & Remediation/CC is compatible with SoDs.
Security & GRC AC 5.X | By Joseph Pavan 1
3. Overview of SAP GRC Access Control
15. Why GRC?
16. SAP GRC Components
17. Product architecture
18. SAP GRC Access Control 5.3 suite features
19. Prerequisites
20. Installation
21. System Landscape
22. SAP GRC Access Control Authorizations
4. Risk Analysis and Remediation
23. Overview
24. Architecture
25. Verification of Installation
26. Getting Clean using RAR
27. Compliance Calibrator tabs
28. Exercise
29. Implementation Process Flow
30. User Management Engine
31. Key Terminology
32. Introduction to the SoD Risk Management Process
33. RAR Rule Architect SoD
34. Rule Building Process
35. Exercise
36. Rule Library
37. Management View - Risk Violations
38. Risk Analysis Ad hoc Reports
39. Risk Analysis
40. Risk Remediation
41. Simulation
42. Exercise
43. Alerts
44. Exercise
45. Mitigation
46. Exercise
47. Organizational Rules and Organizational Level Reporting
48. Exercise
49. Continuous Compliance
50. Operational guide
51. Exercise
5. Super user Privilege Management
52. Overview
53. Verification of Installation
54. Exercise
55. Super user Privilege Management functionality and uses
56. SPM configuration
57. SPM Reports
58. Exercises
6. Compliant User Provisioning
59. Overview
60. Verification of Installation
61. Compliant User Provisioning Functionality
62. Integration with RAR & ERM
63. Workflow-based Reviews
64. Compliant User Management Lifecycle
65. Workflow creation
66. Super user access workflow
67. Request creation and approval flow
68. Types of workflows
69. Configurations
70. Different reports
71. Exercises
7. Enterprise Role Management
72. Overview
73. Verification of Installation
74. Configuration Review
75. Workflow Steps
76. Access Control Integration
77. Integration between all Access Control Products
78. Compliance Reporting
79. Role creation workflow
80. Reports
81. Exercises
8. Project flow methodology
Project preparation
Requirement gathering
Blue print
Architecture & SLD
Operational steps
9. GRC 10 Introduction