Answer / reddy

What is GRC ?

Governance, Risk, and Compliance.

The goal of GRC is to help a company efficiently put
policies and controls in place to address all its
compliance obligations while at the same time gathering
information that helps proactively run the business.

This means Ethical Business Process should comply with
Effective Process controls as per the related industry
Business Process and accounting Process and Govt Policy .

This GRC process finally Can Conculded with respect to Govt
Orgasnisations and Public Orgaanisation which are
Registered in Local Stock Markets are accountable to have
Effective Governance and Process Controls to Protect the
Share holder rights and Prevent Organised Corporate Fruads
and scams.

GRC Tools and IT applications

There are many GRC AUDIT tools in the Market to Facilitate
Internal and External Audit of the Companies .

What is SAP VIRSA Tool.

focused on 1) Access controls , 2) Process Controls.

It Has 4 Sections to Audit the system.

1. Compliance Caliberator
2. Role Expert
3. Firefighter
4. Access enforcer .

VIRSA systems is now takenover by SAP AG.

It has been aprt of Netwever and add on now .

Answer / shiva

SOD and SOX are used for SAP Audit purposes in the company
and Virsa tool is a 3rd party tool integrated with SAP,used
for finding of the risks before applying the roles (new) to
a user.

Answer / geethu

Hi Prakash,


If you are very strong in Security you can apply for
Security job for 2years..If you are not please dont
experiment in new company it wil a big problem for you.

And for SOD and SOX is very Important topic. SOD
Sagregation of Duty Analysis is fully automated tool which
is used for auditing.

SOD and SOX is very huge topic. You cannot understand until
you read relevant books and start practice

How to approach as a security consultant when a custom t code is created?

1 Answers  

---

As a SAP security consultant what is the most challenged you faced in previous company?

0 Answers  

---

what is the user table including account number and cost center in one table?

3 Answers   Patni,

---

1.why we use derived role in sap security?2.what is the technical difference between master and derived role?

1 Answers   KPMG,

---

Give one example of master data that is shared between AC, PC and RM? (grc 10)

1 Answers   TCS,

---

how can u assign firefighter ids from one firefighter admin to another firefighter admin if current admin leaves from organization without told to any body?

3 Answers   CTS, Satyam,

---

How can we Lock transaction ? What happens exactly ?

4 Answers   Patni,

---

1) Explain me about your SAP Career? 2) Tell me your daily monitoring jobs and most of them you worked on? 3) which version of SAP are you working on? Is it a java stack or abap stack? 4) Tell me about derived role? 5) what is the main difference between single role and a derived role 6) Does s_tabu_dis org level values in a master role gets reflected in the child role?? 7) Tell me the steps to configure CUA? 8) Is RAR a java stack or Abap Stack? 9) What is the report which states the critical T-codes? and also What is the T-code? 10) What is the T-code to get into RAR from R/3? 11) Explain about SPM?

2 Answers   TCS,

---

How to get the list of tcodes having by all users(EX-20 users)at a time?(through SUIM or TABLE) [we can get single user through SUIM->TRANSACTIONS- >EXECUTABLE USER....but same thing i want for multiple users at a time)

6 Answers   IBM, L&T,

---

User is not there in User master record. Then how to trace the user?

0 Answers   IBM,

---

Is it possible to have a request type by which we can change the validity period of a user? If possible, then what are the actions?

3 Answers  

---

what is centralize FFID?

0 Answers   TCS, VITS,

---