지금 지원 담당자와 채팅
지원 담당자와 채팅

Identity Manager 8.1.5 - Administration Guide for the SAP R/3 Compliance Add-on

SAP functions and identity audit Setting up a synchronization project for synchronizing SAP authorization objects Base data for SAP functions Finding non-compliant authorizations Setting up SAP functions Compliance rules for SAP functions Mitigating controls Configuration parameters for SAP functions Default project template for the SAP R/3 Compliance Add-on Module Referenced SAP R/3 tables and BAPI calls

Enabling working copies

SAP authorizations are only checked on the basis of active SAP functions. When you enable the working copy, the changes are transferred to the function definition. An active function definition is added to a new working copy.

To transfer changes from a working copy to a function definition

  1. Select the Identity Audit | SAP Functions | Function definition working copies category.
  2. Select the function definition in the result list.
  3. Select the Enable working copy task.
  4. Confirm the security prompt with OK.

Mitigating controls

Mitigating controls can be stored with SAP functions. These reduce the effects on the company when SAP users match with SAP functions. At the same time, you specify how to deal with SAP users or SAP groups that match the SAP function. For example, changing a user assignment to an SAP role in the SAP system can be used as a mitigating control for an SAP function.

Mitigating controls can also be used as controlling measures for compliance rules. Mitigating controls assigned to the SAP functions for testing are automatically transferred into compliance rules about SAP functions.

Prerequisites:

  • Active rules are assigned to a functional area and a department.
  • The SAP functions for testing are assigned to the same functional area and then associated variable set of the same department.

To edit mitigating controls

  • In the Designer, set the "QER | CalculateRiskIndex" configuration parameter.
Detailed information about this topic

Assigning mitigating controls

To assign mitigating controls to a function definition

  1. Select the Identity Audit | SAP Functions | Function definition working copies category.
  2. Select the working copy in the result list.
  3. Select the Assign mitigating controls task.
  4. In the Add assignments pane, assign mitigating controls.

    – OR –

    In the Remove assignments pane, Remove mitigating control assignments.

  5. Save the changes.

Creating mitigating controls

To create a mitigating control for SAP functions

  1. Select the Identity Audit | SAP functions | Function definition working copies category.
  2. Select a working copy in the result list.
  3. Select the Assign mitigating controls task.
  4. Select the Create mitigating controls task.
  5. Enter the master data for the mitigating control.
  6. Save the changes.
  7. Select the Assign function definitions task.
  8. In the Add assignments pane, double-click the function definitions you want to assign.
  9. Save the changes.
Detailed information about this topic
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택