Prathyusha Garimella, Shashidhar Garimella
SAP® Landscape Transformation Replication Server
The Practical Guide
Imprint

This e-book is a publication many contributed to, specifically:

Editor Meagan White
Acquisitions Editor Hareem Shafi
Copyeditor Julie McNamee
Cover Design Graham Geary
iStockphoto: 157288739/© ranplett
Production E-Book Hannah Lane
Typesetting E-Book Satz-Pro, Germany

We hope that you liked this e-book. Please share your feedback with us and read the Service Pages to find out how to contact us.

The Library of Congress Cataloging-in-Publication Control Number for the printed edition is as follows: 2024001803

ISBN 978-1-4932-2525-5 (print)
ISBN 978-1-4932-2526-2 (e-book)
ISBN 978-1-4932-2527-9 (print and e-book)

© 2024 by Rheinwerk Publishing Inc., Boston (MA)
1st edition 2024
Notes on Usage

This e-book is protected by copyright. By purchasing this e-book, you have agreed to accept and adhere to the copyrights. You are entitled to use this e-book for personal purposes. You may print and copy it, too, but also only for personal use. Sharing an electronic or printed copy with others, however, is not permitted, neither as a whole nor in parts. Of course, making them available on the internet or in a company network is illegal as well. For detailed and legally binding usage conditions, please refer to the section Legal Notes.

This e-book copy contains a digital watermark, a signature that indicates which person may use this copy:
Notes on the Screen Presentation

You are reading this e-book in a file format (EPUB or Mobi) that makes the book content adaptable to the display options of your reading device and to your personal needs. That’s a great thing; but unfortunately not every device displays the content in the same way and the rendering of features such as pictures and tables or hyphenation can lead to difficulties. This e-book was optimized for the presentation on as many common reading devices as possible.

If you want to zoom in on a figure (especially in iBooks on the iPad), tap the respective figure once. By tapping once again, you return to the previous screen. You can find more recommendations on the customization of the screen layout on the Service Pages.
Table of Contents

Notes on Usage
Table of Contents
Preface
1 Introduction to SAP Process Control
1.1 History of SAP Process Control
1.1.1 Semi-Automated Controls
1.1.2 Manual Control Performance Integration with Continuous Control Monitoring
1.1.3 Standalone Jobs
1.1.4 Mass Maintenance of User Assignments
1.1.5 Introduction New Reports and Dashboards Based on SAP Fiori Tiles
1.2 Architecture and Landscape
1.3 Regulatory Requirements, Supported Systems, and Integrations
1.3.1 Regulatory Requirements and SAP Process Control
1.3.2 Business Benefit of SAP Process Control
1.3.3 Supported Systems
1.3.4 Integrations
1.4 Enterprise Risk and Internal Control Management
1.5 Enterprise Risk and Compliance Management
1.5.1 First Line of Defense
1.5.2 Second Line of Defense
1.5.3 Third Line of Defense
1.6 Summary
2 Governance
2.1 Strengthen Internal Controls
2.1.1 People
2.1.2 Processes
2.1.3 Technology
2.2 Manage Internal Controls
2.3 Integration Approach
2.3.1 SAP GRC Solutions
2.3.2 Third-Party Solutions
2.4 Summary
3 Prerequisites
3.1 Check License Agreements
3.1.1 Creating the SAP GRC System in the SAP for Me Portal
3.1.2 Generating and Applying the SAP GRC License
3.2 System Sizing
3.2.1 Initial Sizing
3.2.2 Expert Sizing
3.2.3 Customer-Specific Sizing
3.3 Component and Plug-In Requirements
3.3.1 SAP Process Control Component
3.3.2 SAP GRC Plug-Ins
3.4 Summary
4 Basic Configuration
4.1 Initial Configuration
4.1.1 Activate the Application in the Client
4.1.2 Activate the BC Sets
4.1.3 Activate Transaction SICF Services
4.1.4 Second-Level Authorizations: Maintain Authorization Customization
4.2 Workflow Configuration
4.2.1 Task-Specific Customizing
4.2.2 Entity Role Assignment
4.2.3 Custom Agent Determination
4.2.4 Fallback Users
4.3 Shared Master Data Settings
4.3.1 Create a Root Organization Hierarchy
4.3.2 Activate the Workflow for Master Data Changes
4.3.3 Maintain the Ability to Add Locally Defined Controls
4.4 Integration Framework
4.4.1 Create Connectors
4.4.2 Maintain Connectors and Connection Types
4.4.3 Maintain Connection Settings
4.5 Multiple Compliance Framework
4.5.1 Define Subtypes for Regulation-Specific Attributes
4.5.2 Configure Compliance Initiatives
4.5.3 Relate Regulation to Plan Usage
4.6 Other Configurations
4.6.1 Maintain Master Data Attribute Values
4.6.2 Check Customizing for Case Management
4.7 Introduction to Work Centers for SAP Process Control
4.7.1 My Home
4.7.2 Master Data
4.7.3 Rule Setup
4.7.4 Assessments
4.7.5 Access Management
4.7.6 Reports and Analytics
4.8 Summary
5 Master Data Management
5.1 Introduction to Master Data
5.1.1 Overview of Key Master Data Elements
5.1.2 Relationship between Master Data Attributes
5.2 Business Process Hierarchies
5.2.1 Business Process
5.2.2 Subprocess
5.2.3 Control
5.3 Organization Hierarchies
5.3.1 Creation of an Organization
5.3.2 Control Localization
5.3.3 Add a Control Directly under the Local Subprocess
5.4 Users and Roles
5.4.1 User Assignment
5.4.2 Replacing Users
5.4.3 Removing Users
5.4.4 Maintaining User Assignments from the Access Management Work Center
5.4.5 Central Delegation
5.5 Working with Indirect Entity-Level Controls
5.5.1 Indirect Entity-Level Control Group
5.5.2 Indirect Entity-Level Control
5.5.3 Localization of Indirect Entity-Level Controls
5.6 Approval Workflow for Master Data Changes
5.6.1 Request Change
5.6.2 Approve Change
5.6.3 Implement Change
5.6.4 Review Change
5.7 Uploading Master Data Using the Master Data Upload Generator
5.8 Summary
6 Control Evaluation
6.1 Introduction to Control Evaluation
6.2 Control Design Assessment
6.2.1 Define Survey Library
6.2.2 Scheduling Controls Using the Planner
6.2.3 Workflow Structure
6.2.4 Assessment and Issue Remediation Process
6.3 Control Self-Assessment
6.3.1 Define Survey Library
6.3.2 Scheduling Controls Using the Planner
6.3.3 Workflow Structure
6.3.4 Assessment and Issue Remediation Process
6.4 Manual Control Performance
6.4.1 Define Performance Plans
6.4.2 Scheduling Controls Using the Planner
6.4.3 Workflow Structure
6.4.4 Control Performance Process
6.4.5 Mass Maintenance of Performance Plans
6.5 Manual Test of Effectiveness
6.5.1 Define Manual Test Plans
6.5.2 Map Test Plans to Controls
6.5.3 Schedule Manual Controls Using the Planner
6.5.4 Workflow Structure
6.5.5 Control Testing and Issue Remediation Process
6.5.6 Usage of Control Performance Results
6.6 Reporting
6.7 Summary
7 Ad Hoc Issue Management
7.1 Configuration
7.1.1 Enable Ad Hoc Issues by Object Type
7.1.2 Maintain Ad Hoc Issue Sources
7.2 Issue Remediation Process
7.2.1 Stages
7.2.2 Reporting Ad Hoc Issues
7.2.3 Issue Remediation
7.2.4 Implementation of Remediation Plan
7.2.5 Close Issue
7.3 Reporting
7.4 Summary
8 Continuous Control Monitoring
8.1 Introduction to Continuous Control Monitoring
8.2 Data Sources
8.2.1 Usage of Configurable Subscenarios
8.2.2 Usage of Other Key Subscenarios
8.3 Business Rules
8.3.1 Configuration of Business Rules
8.3.2 Customized Date Filters and Runtime Determination Rules
8.3.3 BRFplus Condition and Calculations in a Business Rule
8.4 Perform Control Business Rule Assignment
8.5 Create an Automated Monitoring Job
8.5.1 Automated Monitoring Job
8.5.2 Standalone Job
8.6 Transport Procedure
8.6.1 Preparation Activities in the Original System for Transport
8.6.2 Activities in the Target System after Transport
8.6.3 Transport of BRFplus Business Rule Data
8.7 Export and Import Functionality
8.7.1 Export Data Sources and Business Rules Configuration
8.7.2 Import Data Sources and Business Rules Configuration
8.8 Usage of the SAP HANA Subscenario
8.8.1 Configuration of Calculation Views in SAP HANA
8.8.2 Establishing RFC Connectors
8.8.3 Creation of a Data Source in SAP Process Control
8.9 Reporting
8.9.1 Job Monitor
8.9.2 Monitoring Issue Status
8.9.3 Monitoring Remediation Status
8.10 Summary
9 Additional Features in SAP Process Control
9.1 Policy Lifecycle Management
9.1.1 Configuration of Policy
9.1.2 Policy Review/Approve Workflow
9.1.3 Policy Distribution Methods
9.2 Disclosure Surveys
9.2.1 Types of Disclosure Surveys
9.2.2 Schedule Disclosure Survey Using the Planner
9.2.3 Workflow Structure
9.2.4 Respond to Disclosure Survey and Ad Hoc Issue Remediation
9.3 Sign-Off Functionality
9.3.1 Sign-Off Process Overview and Prerequisites
9.3.2 Roles and Workflow
9.3.3 Scheduling Using the Planner
9.3.4 Perform Sign-Off
9.3.5 Post Sign-Off: Master Data Freeze
9.3.6 Monitor Sign-Off Report
9.4 Summary
10 Reporting
10.1 Reports by Work Centers
10.1.1 Key Reports under Master Data
10.1.2 Key Reports under Rule Setup
10.1.3 Key Reports under Assessments
10.1.4 Key Reports under Reports and Analytics
10.2 Personalization and Configuration
10.2.1 Personalize Columns
10.2.2 Personalize Organization Filters
10.3 Interpretation of Report Results
10.3.1 Report Interpretation with Time Frame Filters
10.3.2 Report Interpretation with Regulation Filters
10.4 Summary
11 SAP Fiori for SAP Process Control
11.1 SAP Fiori Apps for SAP Process Control
11.1.1 SAP Fiori Architecture
11.1.2 Terminology
11.2 SAP Fiori Configuration
11.2.1 Prerequisites
11.2.2 Activating SAP Gateway
11.2.3 Activating Internet Communication Framework Services
11.2.4 Maintain OData Services
11.2.5 Set Up Remote Function Call Connections
11.2.6 Mapping Remote Function Call Connections to the System Alias
11.2.7 Replicate the SAP Fiori Catalog
11.3 Working with SAP Fiori Apps
11.3.1 Creating Custom Catalogs
11.3.2 Create a Custom Group
11.4 Mapping Custom Catalogs, Groups, and Space IDs to Transaction PFCG Roles
11.4.1 Adding Catalogs to Transaction PFCG Roles
11.4.2 Adding Groups to Transaction PFCG Roles
11.4.3 Mapping Space IDs
11.5 Summary
12 SAP Financial Compliance Management
12.1 Overview
12.2 Master Data Elements
12.2.1 Controls
12.2.2 Organizations
12.2.3 Process
12.2.4 Regulations
12.2.5 Master Data Dashboards
12.3 Control Evaluation Procedures
12.3.1 Procedures
12.3.2 Work Packages
12.3.3 Perform Manual Procedures
12.3.4 Process Issues/Found Items
12.3.5 Evaluation Dashboards
12.4 Summary
A The Authors
Index
Service Pages
Legal Notes
Preface

In today’s world, security breaches and compliance violations are on the rise, making it imperative for organizations to have a strong and effective approach to managing security and compliance risks. SAP Process Control is a solution enabling enterprises to manage their governance, risk, and compliance (GRC) needs and streamline their compliance management and internal control processes with its advanced features and functionalities. SAP Process Control has revolutionized the way organizations approach internal controls and compliance reporting.

This book is the ultimate guide to SAP Process Control. Whether you’re an experienced GRC professional, a security analyst, or an SAP consultant, this book will equip you with a comprehensive understanding of the various features and functionalities found in SAP Process Control. From configuration to master data management, from control evaluation to reporting, this book covers everything.

So, let’s embark on a journey to explore the world of SAP GRC solutions and SAP Process Control. This book will help you discover what SAP Process Control can do for you and take your career to new heights!
Target Audience

This book is written for security analysts who need to acquire an in-depth knowledge of the software to manage security risks in their organizations and for SAP consultants who want to develop expertise in SAP Process Control to help their clients manage their GRC needs.

The book is also for auditors who want to comprehend the importance of SAP Process Control and its impact on audits, IT professionals who want to learn how to use SAP Process Control to manage security and compliance risks in their organization, compliance professionals who want to understand the role of SAP Process Control in managing compliance risks, and risk managers who want to learn how to use SAP Process Control to identify and mitigate risks.

Additionally, the book targets business analysts who want to understand how SAP Process Control can help their organizations maintain compliance with regulatory requirements, C-level executives who want to grasp the significance of SAP Process Control in managing security and compliance risks, and project managers who need to implement SAP Process Control in their organizations and want to understand its features and functionalities.

Other target audiences for the book include business process owners who want to understand how SAP Process Control can help them manage their business processes and identify potential risks, SAP end users who want to understand how to use SAP Process Control to manage their access to SAP applications, compliance officers who need to manage compliance risks in their organization, and internal