- SAP GRC Tutorial
- SAP GRC - Home
- SAP GRC - Overview
- SAP GRC - Navigation
- SAP GRC - Access Control
- Access Management Work Center
- Access & Authorization Mngmt
- SAP GRC - Authorization
- Access Control Launchpad
- Integration with Access Control
- SAP GRC - Integration with IAM
- SAP GRC - Audit Universe
- Process Control Work Centers
- SAP GRC - SoD Risk Management
- SAP GRC - Risk Management
- SAP GRC - Risk Remediation
- SAP GRC - Mitigation Controls
- SAP GRC - Superuser Privilege
- SAP GRC - Implementing Superuser
- SAP GRC - Enhanced Risk Analysis
- Assigning Mitigation Controls
- SAP GRC - Workflow Integration
- Installation and Configuration
- Data Sources and Business Rules
- SAP GRC - Creating Business Rules
- SAP GRC Useful Resources
- SAP GRC - Questions & Answers
- SAP GRC - Quick Guide
- SAP GRC - Useful Resources
- SAP GRC - Discussion
Process Control Work Centers
Work centers provide a central access point for the entire GRC functionality. They are organized to provide easy access to application activities, and contain menu groups and links to further activities.
The following work centers are shared by Access Control, Process Control and Risk Management −
- My Home
- Master Data
- Rule Setup
- Assessments
- Access Management
- Reports and Analytics
Let us discuss the major work centers.
My Home
My Home Work Center is shared by Process Control, Risk management and Access Control. This provides a centralized location where you can manage assigned tasks and accessible objects in GRC application. My Home comes with a number of sections. Let us now understand the Work Inbox section −
Work Inbox
Using Work Inbox, you can view the tasks that you have to process in GRC software.
If you want to process a task, click on task in the table.
It will open the workflow window wherein, you can process the task.
Master Data
Master Data Work Center is shared by Process Control, Risk management and access control. The Process Control Master Data Work center contains the following sections −
- Organizations
- Regulations and Policies
- Objectives
- Activities and Processes
- Risks and Responses
- Accounts
- Reports
Let us now discuss the major work centers under Master Data Work Center −
Organizations − Maintain the company's organization structure for compliance and risk management with related assignments
Mitigation Controls − Maintain controls to mitigate segregation of duty, critical action and critical permission access violations
To create mitigation control, click Create button.
You will be directed to a new window, enter the details for mitigation control and click Save button.
Reports and Analytics
Reports and Analytics Work Center is shared by Process Control, Risk management and Access Control. The Process Control Reports and Analytics Work Center consists of Compliance section in GRC application.
In compliance section, you can create the following reports under Process Control −
Evaluation Status Dashboard
Shows a high-level picture of the overall status of corporate compliance throughout different business entities and provides analytics and drilldown capabilities to view data on different levels and dimensions.
Survey Results
Displays the results of surveys.
Datasheet
Provides comprehensive information on master data, evaluation, and remediation activities for subprocesses and controls.
The following roles that use the datasheet functionality −
Internal Auditors − They can use datasheets to get a picture of the controls and subprocesses in an organization under GRC.
Process Owners − In GRC application, Process Owners and Control Owners can request datasheets to get an overview of their subprocesses. Datasheet information provides the definition of the subprocess, assessments completed on subprocess, controls encompassed by the subprocess, and the assessments and testing done on these controls.
Control Owners − Control owners can use datasheets to check the design of their controls. Control owner can assess controls to check the controls and their effectiveness.
External Auditors − Datasheets can be used by external auditors; this can be used to request the information to research controls or subprocesses.
Note − Other work centers like access management, assessments and rule set up are also share by process control, access control and risk management.
The Process Control Access Management Work Center has the GRC Role Assignments section.