https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaa-p/10995387#M136907 <HTML><HEAD></HEAD><BODY><P>Hi Mani,</P><P></P><P>do you have 5.3, so that you would have to copy the provisioning process. if yes, then it will only be left to configure GCR 10. Else, you would have to design Provisioning process first and then get <SPAN style="font-size: 13.3333330154419px;">sign off. from all Lead/ approvers/</SPAN>Stake holders.</P><P></P><P>For EAM and ARA, ARM would be required, to handle workflows.So, it is better to implement ARM simultaneously. Else, for ARA, you would have to make Workflow as 'No', for Risk/Function/Mit. Control Creation/assignment. For EAM, FF and FF log review requests are made through ARM.</P><P></P><P>For EAM, you would need to decide whether you are going with Central or Decentralized.</P><P></P><P>For ARA, you would need to set up parameters, in IMG-&gt;...&gt; Maintain Configuration settings.</P><P></P><P>Please go through GRCAC&nbsp; docs at <A __default_attr="8879" __jive_macro_name="document" class="jive_macro_document jive_macro" data-orig-content="Getting Started with SAP Governance, Risk and Compliance Solutions (GRC)" href="https://community.sap.com/"></A>, </P><P>Regards</P><P>plaban</P></BODY></HTML> Wed, 29 Apr 2015 07:48:43 GMT Former Member 2015-04-29T07:48:43Z https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaq-p/10995385 <HTML><HEAD></HEAD><BODY><P>Hi All,</P><P></P><P>Am in the process of implementing GRC 10 with the following components for a pharma client.</P><P></P><P>Access Risk Analysis (ARA)</P><P>Access Request Management (ARM)</P><P>Emergency Access (Firefighter)</P><P>Business Role Management (BRM)</P><P></P><P>I just wanted to know your views on what kind of approach is better?. Please comment your views with your best approach.</P><P></P><P>My view is to first implement&nbsp; ARA and EAM together and then go ahead with ARM and BRM packed together.</P><P></P><P>Thank You for your idea.</P></BODY></HTML> Wed, 29 Apr 2015 04:34:45 GMT https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaq-p/10995385 Former Member 2015-04-29T04:34:45Z https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaa-p/10995386#M136906 <HTML><HEAD></HEAD><BODY><P>Hi Mani,</P><P></P><P>Whenever you are doing a GRC Implementation there will best practices to follow for each module ARA, ARQ, BRM and EAM.</P><P></P><P>But when it comes to how you want to start with your implementation completely depends on client's requirements and how they wanted to make use of GRC tool for their internal audit compliance. So, always based on requirements, the approach should be finalized.</P><P></P><P>Regards,</P><P>Madhu.</P></BODY></HTML> Wed, 29 Apr 2015 07:28:56 GMT https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaa-p/10995386#M136906 madhusap 2015-04-29T07:28:56Z https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaa-p/10995387#M136907 <HTML><HEAD></HEAD><BODY><P>Hi Mani,</P><P></P><P>do you have 5.3, so that you would have to copy the provisioning process. if yes, then it will only be left to configure GCR 10. Else, you would have to design Provisioning process first and then get <SPAN style="font-size: 13.3333330154419px;">sign off. from all Lead/ approvers/</SPAN>Stake holders.</P><P></P><P>For EAM and ARA, ARM would be required, to handle workflows.So, it is better to implement ARM simultaneously. Else, for ARA, you would have to make Workflow as 'No', for Risk/Function/Mit. Control Creation/assignment. For EAM, FF and FF log review requests are made through ARM.</P><P></P><P>For EAM, you would need to decide whether you are going with Central or Decentralized.</P><P></P><P>For ARA, you would need to set up parameters, in IMG-&gt;...&gt; Maintain Configuration settings.</P><P></P><P>Please go through GRCAC&nbsp; docs at <A __default_attr="8879" __jive_macro_name="document" class="jive_macro_document jive_macro" data-orig-content="Getting Started with SAP Governance, Risk and Compliance Solutions (GRC)" href="https://community.sap.com/"></A>, </P><P>Regards</P><P>plaban</P></BODY></HTML> Wed, 29 Apr 2015 07:48:43 GMT https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaa-p/10995387#M136907 Former Member 2015-04-29T07:48:43Z https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaa-p/10995388#M136908 <HTML><HEAD></HEAD><BODY><P>Hello Mani,</P><P></P><P>Apart from technical details provided by Madhu and Plaban,some more additional information</P><P></P><P>As per my understanding any successful implementation will follow the ASAP methodology,check the below link for information on ASAP methodology</P><P></P><P><A __default_attr="48920" __jive_macro_name="document" class="jive_macro_document jive_macro" data-orig-content="Basic understanding on ASAP Methodology for beginners" href="https://community.sap.com/"></A></P><P></P><P>You need to define resources and time line before start the project,check the below link</P><P></P><P><A __default_attr="2000982" __jive_macro_name="thread" class="jive_macro_thread jive_macro" data-orig-content="What is the ideal composition of an implementation team" href="https://community.sap.com/"></A></P><P></P><P></P><P>also check the below threads which gives additional information</P><P></P><P><A __default_attr="3662199" __jive_macro_name="thread" class="jive_macro_thread jive_macro" data-orig-content="Implementation of GRC AC 10.1" href="https://community.sap.com/"></A></P><P></P><P><A href="https://scn.sap.com/thread/2101026" title="https://scn.sap.com/thread/2101026">GRC 10 implementation | SCN</A></P><P></P><P>While implementing if any issues Forum will help you.</P><P></P><P>All the best!!!</P><P></P><P>Regards</P><P>Baithi</P></BODY></HTML> Wed, 29 Apr 2015 08:47:15 GMT https://community.sap.com/t5/additional-q-a/grc-10-implementation-approach/qaa-p/10995388#M136908 Former Member 2015-04-29T08:47:15Z