cancel
Showing results for 
Search instead for 
Did you mean: 

SAP AC - UAR -- Non-Firefighter IDs

sukumarvempati
Discoverer
0 Kudos
328

Dear Team,


We have a requirement on UAR for the Non-FF ID's (Like Service Accounts, System ID's, Standard ID's (DDIC, SAP*), Customer based ID's -- DAT ID's (Data Conversion) and so on).

UAR component have the capability to accomplish the "User Access Review" and Certify it?

I request to let us know more information on it.

Please let us know if need any further information.

Thanks & Regards

Accepted Solutions (0)

Answers (2)

Answers (2)

sukumarvempati
Discoverer
0 Kudos

Hi Sigrid,

I am thankful for the quick response.

By our requirement - Non-FF ID's (Like Standard ID's, Service ID's, Systems ID's and DIalog ID's) may need to review the logs (usage report) similar like FF ID's - Controllers review.

We have a audit requirement, to do the monitoring (log review) for the non-FF ID;s ( Critical ID's, like I mentioned above).

Is it possible to config the Non-FF ID's log review?

SConix
Participant
0 Kudos

Hi sukumarvempati

A lot of information is provided by SAP in the AC 10.0 UAR Reference Guide (sap.com) explaining how the review of user role assignments is set-up and executed.

When collecting the data to trigger the UAR (in Background scheduler, once your GRC is set-up for UAR) you can amongst other filter on Usertypes/Usergroups/UserIDs. Therefore it should be possible to select exactly those users for which you'd like to execute the User Access Review.

See below example:

More information on the UAR and SOD review are available on the SAP Help Portal : Compliance Certification Reviews | SAP Help Portal

However, please take into account that standard UAR functionality will only focus on Roles, and not the assigned profiles. So if you want to do this for technical users with SAP profiles assigned, additional enhancements might be required.

Hope this helps you.