Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

SOD by T-Codes

Go to solution
former_member707369
Member

on ‎2020 Oct 13 7:54 AM

0 Likes
3,242

Hi All,

I want to build authorization roles for my team but we don't have GRC in place so I have to identify SOD manually.

Is there a guide or template which can identify SOD risks by T-Codes? Is there a best practice can replace GRC?

Thank you

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
former_member30
Product and Topic Expert
Product and Topic Expert
‎2020 Oct 13 7:55 AM
0 Likes

Hi and welcome to the SAP Community!

Thank you for visiting SAP Community to get answers to your questions. Since you're asking a question here for the first time, I recommend that you familiarize yourself with https://community.sap.com/resources/questions-and-answers (if you haven't already), as it provides tips for preparing questions that draw responses from our members. For example, you can outline what steps you took to find answers (and why they weren't helpful), share screenshots of what you've seen/done, make sure you've applied the appropriate tags, and use a more descriptive subject line.
The more details you provide, the more likely it is that members will be able to assist you. You should also make sure you're using all the appropriate tags, so the right experts can find your question.

Should you wish, you can revise your question by selecting Actions, then Edit.

Finally, if you're hoping to connect with readers, please consider adding a picture to your profile. Here's how you do it: https://www.youtube.com/watch?v=F5JdUbyjfMA&list=PLpQebylHrdh5s3gwy-h6RtymfDpoz3vDS. By personalizing your profile with a photo of you, you encourage readers to respond.

Cheers,

Julia
SAP Community Moderator

Accepted Solutions (1)

Accepted Solutions (1)

Monsores
Active Participant
‎2020 Oct 21 8:31 PM
0 Likes

Hi Mohamed.

The best way by far to begin your SoD Ruleset is by using the one which comes with GRC. SAP Note 986996 (GRC Access Control- Best Practice for Rules and Risks) talks a bit about it.

Another option is to hire a consulting company to do it for you as they will already have theirs and will not need to begin from scratch.

The last time I checked it SAP GRC Standard Ruleset had more than 200 Risks based on more than 150 Functions, so it is not possible to manage it manually. It's not only the case of checking Risks when maintaining your Single Roles, but also keeping an eye on the combination of them in Composite Roles or when assigning to users. And also rechecking all your users and roles whenever you decide to update your Ruleset.

Even with a simplified Ruleset (just IT risks, for example) it would be a thankless task to take care of your Risks manually. You would need at least to develop custom programs to do the basic part of what GRC does.

Regards,

Marcelo Monsores

Show replies
Show replies

Answers (0)

Ask a Question