Answer / reddy

What is GRC ?

Governance, Risk, and Compliance.

The goal of GRC is to help a company efficiently put
policies and controls in place to address all its
compliance obligations while at the same time gathering
information that helps proactively run the business.

This means Ethical Business Process should comply with
Effective Process controls as per the related industry
Business Process and accounting Process and Govt Policy .

This GRC process finally Can Conculded with respect to Govt
Orgasnisations and Public Orgaanisation which are
Registered in Local Stock Markets are accountable to have
Effective Governance and Process Controls to Protect the
Share holder rights and Prevent Organised Corporate Fruads
and scams.

GRC Tools and IT applications

There are many GRC AUDIT tools in the Market to Facilitate
Internal and External Audit of the Companies .

What is SAP VIRSA Tool.

focused on 1) Access controls , 2) Process Controls.

It Has 4 Sections to Audit the system.

1. Compliance Caliberator
2. Role Expert
3. Firefighter
4. Access enforcer .

VIRSA systems is now takenover by SAP AG.

It has been aprt of Netwever and add on now .

Answer / shiva

SOD and SOX are used for SAP Audit purposes in the company
and Virsa tool is a 3rd party tool integrated with SAP,used
for finding of the risks before applying the roles (new) to
a user.

Answer / geethu

Hi Prakash,


If you are very strong in Security you can apply for
Security job for 2years..If you are not please dont
experiment in new company it wil a big problem for you.

And for SOD and SOX is very Important topic. SOD
Sagregation of Duty Analysis is fully automated tool which
is used for auditing.

SOD and SOX is very huge topic. You cannot understand until
you read relevant books and start practice

What is the parameter in security audit log (sm19) that decides the number of filters?

1 Answers  

---

can u secure profiles ? if so , hou to do it ?

2 Answers   IBM,

---

What is difference between user master record and user buffer

1 Answers   IBM,

---

Can any one tell me briefly , what is the roles and responsibilities of SAP BASIS Security Administrator..

2 Answers  

---

why do you think keylabs is best inistitute in bangalore for sap security, I am looking for sap security training with GRC, do u suggest keylabs or any other inistitute

5 Answers  

---

1).what is the diff b/w adding the tcode in s_tcode authorization object and addind the tcode inmenu tab of pfcg? 4) What is the difference between Owner, Controller and Administrator in Firefighter? 2) Can you tell me why do you use S_TABU_DIS authorization object? 3) Explain How do you restrict a particular table acces then? 5)In RAR ,What are the default Back ground Jobs? 6)Which job will update all user master records? 7)What will happen whenever we execute a t-code? 8)What is the purpose of the report RSUSR006? 9) Lets say a user is locked by admin? What value will you see in USR02 table and in UFLAG column? 10) What will you do if the user complains that he is not able to access a t-code? 11)why we have to delete users ? 12)a. What is Direct role assignment and indirect role assignment? b. What is the process of adding a t-code to an existing role? c. If client asked you to modify a role directly in PRODUCTION for emergency? Is it possible? What you will do in that situation? d. What is the purpose of customized Transaction codes? Have you created any custom t-codes? 13)

3 Answers   IBM,

---

What is the differences between AGR_1251 and AGR_1252?

4 Answers   Cap Gemini,

---

You want to create and maintain user master record. What authorization would you need?

0 Answers  

---

What transactions can be assigned for all the users ?

6 Answers   Accenture,

---

what is the significance of parameter id and user group?

1 Answers   TCS,

---

How see hierarchies in BI security

1 Answers   IBM, L&T,

---

What is the difference between user group in logon data tab and groups tab

2 Answers  

---