cancel
Showing results for 
Search instead for 
Did you mean: 

AC 10.1 Is there any automated process / program for Rule Set Review?

josiane_costa
Participant
0 Kudos
278

In GRC AC 10.1, do you know if there is any automated program or process which we can kick off to trigger Rule set items (Risks and Function contents) to Risk Owners so they can review / approve their contents?

Accepted Solutions (1)

Accepted Solutions (1)

madhusap
Active Contributor
0 Kudos

Hi Josiane,

There is no standard workflow process available for your requirement. Moreover the details which go into functions are quiet technical and the risk owners most of the times can only review the business purpose of the risk definition and not from technical aspect.

Hence, it would be ideal if this ruleset review process is performed offline by technical team and get risk owner approval in the system.

Option 1: Use GRC Information workflow and just assign attachment with ruleset review details which risk owners can review and approve by providing comments in the system.

Option 2: Define a "Manual Control" in SAP GRC PC for ruleset review where the technical assessment can be done by technical team (Control Tester) and final review can be done by risk owner (Control Owner).

Regards,

Madhu

Answers (1)

Answers (1)

josiane_costa
Participant
0 Kudos

Thank you so much for your response, Madhu.