This is the first in a two-part itelligence blog series exploring the benefits of an SAP GRC Upgrade.
There are many benefits of upgrading to GRC 10.1 before support ends for GRC 5.3 at the end of 2015. In this blog I will discuss the benefits of a GRC upgrade, talk about the process of performing the migration process and some of the cool benefits of using the GRC 10.1 system.
If you are not familiar with SAP GRC, let’s get up to speed:
There comes a time when everything has to change. IT systems go through a cycle of change and so does the GRC system. Well the time of “broke” is coming. Meaning that the end of maintenance support for SAP GRC 5.3 version is happening on December 31st 2015. It’s time to say goodbye to the good old web Java version of GRC and move to the latest and greatest GRC 10.1 where HANA can used just like every other SAP system.
What this generally means:
- SAP will stop supporting your GRC 5.3 system and you will have to rely on your technical team internally to handle the issues.
- SAP will not perform any new developments in the 5.3 system and all efforts will be focused on the 10.1 system
- It’s time for you to find a consulting firm such as itelligence to help you build the business case for your SAP GRC upgrade project.
GRC 10.1 is a true blessing for GRC administrators and the end users. For an end user the system is fast and has a sleek user interface. In technical terms the theme used is called Corbu. This theme has a grey user interface that is significantly faster than the Java version in 5.3. For administrators, you can now call your ABAP programmer if anything goes wrong in your GRC system. Unlike the 5.3 system which is built in Java it was difficult to leverage the ABAP’ers. In 10.1 version you can now build custom programs and tcodes if necessary. There are several other benefits of an SAP GRC Upgrade which are explained below.
Some other key SAP GRC Upgrade enhancements include:
- Simplified Access Request
- Custom Groups for SU01 attributes
- SAP Netweaver Gateway
- SAP HANA Integration
The Simplified Access Request Form is the most noticeable new feature in the GRC 10.1 version as this is where the transaction data is created. Some of the new features include a Maintain Display Section which allows addition/removal of sections from the request form. Maintain Fields Labels allows maintenance of field names/labels on the request form. Note that the Labels are only applicable to Simplified form and not to Regular Access Request form. The Role search criteria are now configurable in SPRO and there is no need to use business add on (BADI) to define additional search criteria. Simplified Keyword search is useful as a quick search by tcode, user, etc., and Predictive search can be turned on by AC configuration parameter 5032.
Side panels are a new feature that can be turned on if you configure SAP Netweaver Gateway Server which is included in the installation of the 10.1 version using Netweaver 7.4 system. There are several objects where side views are available. Risk insight and even mitigation are available from the side views. Side view also provides visibility into default and mapped roles.
Custom User Group can be now built in the 10.1 version. You can run risk analysis reports based on user’s attributes in the back end SU01 record 10.1. SOD report can then be run on the all users or selected users based on search criteria from SU01. Remediation View is another new feature which makes use of the GRC Netweaver Gateway server.
One of the best features of 10.1 is that role removal and mitigation is now available directly from risk analysis reports. Results are business friendly and you have the potential to make SOD remediation initiatives much easier as remediation and mitigation efforts can be analyzed by the end/business directly in the system.
View part two of this blog series, where we discuss further enhancements in an SAP GRC Upgrade including the new workflow platform in GRC 10.1 and factors to consider during migration.