Course announcements

This course provides both an overview of the SAP Governance, Risk and Compliance (GRC) solution portfolio and foundational knowledge for SAP Governance, Risk and Compliance (GRC) 12.0. By gaining familiarity with this solution’s harmonized navigation, common functions, shared master data, and the harmonized reporting framework, you will be better able to get the most value out of using the integrated applications in SAP GRC.

Goals

This course will prepare you to

• Introduce SAP Governance, Risk, and Compliance (GRC) 12.0
• Identify key governance, risk, and compliance processes supported in the SAP GRC 12.0 solution
• Describe key features and business benefits of the integrated solution
• Identify applications that integrate with the SAP GRC 12.0 solution
• Describe the purpose and location of key user interface components
• Discuss harmonized navigation and how authorizations affect what users see
• Describe how common functions and relative master data are shared across the SAP GRC solutions
• Describe the IMG organization for GRC 12.0
• Describe a general implementation process and key steps

Content

• Introduction to SAP Governance, Risk, and compliance (GRC) 12.0
  • Solution Introduction
  • Solution Overview – Enterprise Risk and Compliance
  • Solution Overview – Access Governance
  • Solution Overview – International Trade Management
  • Solution Overview – Cybersecurity
• Information Architecture, Security, and Authorizations
  • Understanding the SAP Fiori Concept and Architecture
  • Security and Authorizations
• The SAP GRC 12.0 User Interface
  • Work Centers
  • SAP Fiori
• Common Functions and Data
  • User Interface Configuration Framework
  • Shared Master Data
• Implementation and Configuration
  • Streamlined Configuration
• Reporting
  • Harmonized Reporting Framework
• SAP HANA Integration

Course announcements

GRC300 - SAP Access Control Implementation and Configuration is a comprehensive course designed to equip participants with the knowledge and skills needed to effectively implement and configure SAP Access Control solutions. This course covers key aspects of access risk analysis, role design, user provisioning, and compliance management within the SAP GRC environment. Participants will learn how to set up and customize the system to meet their organization's specific requirements, ensuring proper access controls, segregation of duties (SoD) checks, and adherence to regulatory standards. Through hands-on exercises and practical insights, attendees will gain proficiency in deploying SAP Access Control to enhance security, streamline user access processes, and maintain a compliant and well-governed IT landscape.

Goals

• This course will prepare you to:
  • Describe tasks performed by a typical SAP Access Control user
  • Explain how SAP GRC helps you to address business challenges
  • Identify authorization risks in typical business processes
  • Describe the Segregation of Duties Risk Management Process
  • Describe and configure functionality and features for SAP Access Control
  • Use the SAP Access Control application to analyze and manage risk, design and manage roles, and provision and manage users
  • Describe the SAP Access Control architecture and landscape, SAP Access Control Repository, and Object Level Security
  • Describe the Periodic Access Review process
  • Plan for and manage emergency access
  • Configure workflows, including multi-stage multi- path (MSMP) workflows and BRF+
  • Describe how the different applications of the SAP GRC Solution integrate with each other
  • Discuss key tasks in the SAP Access Control implementation process

Content

• Introduction to Access Governance using SAP Access Control
  • Business Challenges and Solutions
  • SAP Access Control Functionality and Integration Scenarios
• Identification and Management of Access Risk
  • Identifying Access Risks
  • The Access Risk Management Process
• User Experience, Security Concepts and System Architecture
  • User Access and the User Experience
  • User Access using the SAP Business Client
  • User Access using SAP Fiori Launchpad
  • SAP Access Control System Architecture
• Configuration Overview
  • Shared SAP GRC Settings
  • SAP Access Control Specific Settings
  • SAP Access Control Business Configuration (BC) Set Overview
  • Managing the Access Control Repository
• Risk Analysis
  • Maintaining Master Data and Access Control Owners
  • Risk Recognition
  • Rule Building and Validation
  • Access Risk Analysis
  • Risk Remediation
  • Risk Mitigation
  • Continuous Compliance
  • Appendix: (Optional) Access Risk Analysis Parameter Configuration
• SAP Business Rule Framework (BRFplus)
  • Introduction to Business Rules and Business Rule Management Systems
  • Defining MSMP Workflow-Related Rules using SAP Business Rule Framework BRFplus
  • Configuration and Maintenance of MSMP Workflow-Related Rules
• Multi-Stage, Multi-Path (MSMP) Workflow
  • Introducing Multi-Stage, Multi-Path (MSMP) Workflow
  • Implementing Multi-Stage, Multi-Path (MSMP) Workflow
• User Provisioning
  • Configuring User Provisioning Settings
  • Configuring Access Request Forms
  • Preparing Roles and Owner Data for MSMP Workflow
  • Requesting Access
  • Reviewing Search Request Results
  • Appendix: (Optional) User Provisioning Parameter Settings
• Role Design and Management
  • Configuring Role Management
  • Configuring Role Methodology
  • Configuring Role Search Attributes
  • Planning for Technical Role Definition
  • Planning for Business Role Definition
  • Consolidating Roles Through Role Mining
  • Performing Role Mass Maintenance Operations
  • Appendix (Optional) Evaluate Parameters for Role Management
• Emergency Access Management
  • Describing Emergency Access Management
  • Planning for Emergency Access Management
  • Monitoring Emergency Access
  • Appendix (Optional) Evaluate Parameters for Emergency Access Management
• Periodic Access Review Process
  • Planning Periodic Review
  • Monitoring Periodic Review
  • Appendix (Optional) Evaluate Parameters for Periodic Access Review
• Appendix (Optional) Maintaining Custom Fields
  • Maintaining Custom Fields

Prerequisites

Essential

GRC100

Course announcements

This course offers a detailed, hands-on overview of the configuration and implementation of SAP Process Control 12.0, as well as important concepts you will need to know in order to prepare for implementation and ongoing prevention of process risk.

Goals

This course will prepare you to

• Discuss the purpose and business use of Process Control
• Describe key features of SAP Process Control 12.0
• Describe risk-based internal controls
• Discuss User Access and New User Experience
• Discuss Process Control customizing settings and Implementation
• Planning
• Create and manage master data
• Implement the Process Control solution
• Plan and process surveys and tests
• Overview set up and maintenance Continuous Monitoring
• Discuss Closing Activities Sign-off and Aggregation of Deficiencies
• Describe the Multi-Compliance Framework
• Use the harmonized reporting framework

Content

• Overview of Enterprise Risk and Compliance concepts
• Describe Governance and Internal Control objectives and introduction of SAP Process Control
  • Describe how Process Control helps strengthen internal controls
  • Describe how Process Control provides an effective solution for managing internal control and compliance activities
  • Describe the technical requirements for SAP GRC12.0 installation
• Discuss Implementation Planning
  • Describe the purpose of the common technical platform
  • Explain the benefits from a streamlined end user experience
• Configuration Requirements and Customizing Activities
  • IMG Customize tasks in general
  • Configure shared master data settings
  • Configure workflow in the IMG
  • Perform Process Control-specific customizing tasks in the IMG
• Creation and Management of Manage Master Data
  • Describe master data requirements, including methods for loading and maintaining master data
  • Master Data configuration process and procedure
• Overview of the Multi-Compliance Framework
  • Configure a multi-compliance framework
• Describe Surveys and Manual Testing processes and procedures in SAP Process Control
  • Describe the purpose of surveys and tests in Process Control
  • Describe the evaluation process
  • Describe Planner features and usage
  • Create survey questions, surveys and perform survey activities and workflow
• Ad Hoc Issues
  • Discuss Ad Hoc Issues
  • Configure Ah Hoc Issues
  • Create ad hoc issues
  • Discuss Remediation and Monitoring
• Continuous Control Monitoring
  • Describe features of continuous monitoring and its functionality
  • Explain the business benefits of these features
  • Identify prerequsites and configuration requirements
  • Describe the Integration Framework and Integration Scenarios
  • Create and use data sources, and business rules
• Discuss Closing Activities and Sign-Off
  • Explain the meaning of sign-off in the context of ICS management
  • Prepare and trigger the sign-off process in the planner
  • Explain results and reporting
  • Explain Aggregation of Deficiencies (AoD) in Process Control
  • Distinguish between the bottom-up approach and aggregation at the top
  • Describe the options for analysis in the AoD process
• Reporting
  • Navigate reports
  • Describe Crystal integration
  • Discuss the multi-compliance framework in reporting
  • Explain SAP SAP Fiori Apps for Process Control
  • Describe dashboard features and navigation
  • Configure dashboard prerequisites

Prerequisites

Essential

• GRC100
• Knowledge of integrated processes in an SAP system
• Knowledge of authorization concepts in an SAP system
• Practical knowledge of common business processes

Recommended

Experience with compliance regulations

Course announcements

This course offers a detailed, hands-on overview of the business processes of SAP Risk Management 12.0, as well as important concepts you will need to know in order to prepare for implementation and ongoing management of risk.

Goals

This course will prepare you to:

• Explain how SAP Risk Management supports the risk management process
• Demonstrate the functionalities and usage of the different components within SAP Risk Management
• Configure and use Key Risk Indicators (KRI) (Including HANA Based)
• Perform and understand Risk Aggregation
• Perform inherent and residual risk analysis
• Explain the integration with SAP Process Control
• Show how to implement SAP Risk Management following the best practices from SAP
• Explain advance features of SAP Risk Management Risk Based Control Self-Assessment (RCSA), Ad-hoc Risk escalation etc

Content

• Introduction to Risk Management
  • Risk and Business Environment
  • Risk Management Process Overview
• Risk Planning
  • Master Data
  • Organization Hierarchy and Views
  • Objective Hierarchy
  • Activity Hierarchy
  • Risk and Response Catalogs
• Risk Identification
  • Activity Management
  • Risk / Opportunity Creation
• Risk Analysis
  • Surveys
  • Collaborative Risk Assessment
  • Risk Grouping, Aggregation, Analysis and Validation
• Risk Response
  • Responses and Enhancement Plans
  • Response Assignment
  • Create a New Response in a Risk
  • Residual Risk Analysis (Current)
  • Assign a Control to a Risk
  • Control Proposal
  • Assigning Subprocesses to the Organization
• Key Risk Indicators
  • Introduction to Key Risk Indicators
  • KRI Design, Template Creation, Implementation, Instantiation, Localization, Business Rules
  • HANA Based KRIs
• Risk Monitoring
  • Planner
• My Home
  • Work Inbox
  • Ad-Hoc Tasks and Risk Escalation
• Authorization Concepts
  • Roles and Authorizations
  • SAP Business Client
  • SAP Fiori
• Enhanced Features

Prerequisites

Essential

• GRC100
• Knowledge of integrated processes in an SAP system
• Practical knowledge of common business processes

Recommended

Experience with risk identification, management and planning

Course announcements

This is a course for power users, business process owners and developers with responsibilities for building Detection Methods or making use of existing Detection Method with SAP Business Integrity Screening. A core objective of this course is to create end to end Detection Methods. In order to achieve this objective, participants will learn how to create a data model and how to design use cases in order build Detection Methods and Detection Strategies by using SAP Business Integrity Screening. Participants will also get an overview and introduction about other features of SAP Business Integrity Screening, like Address Screening, Machine Learning or Worklists. Participants will engage in Design Thinking for the Scoping, Ideating, and framing detection patterns. This is a very hands-on, interactive course.

Goals

This course will prepare you to:

• Understand the solution architecture and features
• Understand prerequisites and implementation methodology to create Detection Methods
• Implement customer defined Detection Methods
• Understand how machine learning can be utilized and integrated
• Understand risk assessment and alert handling
• Understand how solution can be operationalized

Content

• Introduction to SAP Business Integrity Screening
• Design and Concept: Solution Architecture and Data Model
• Detection of suspicious patterns
  • Types of Detection Methods
  • Concept of Detection Strategies
  • Design Thinking exercises and Hands-On exercises
  • Use cases: Real life implementations
• Technical Implementation
  • Hands-On exercises
• Investigation and Workflow
• Roles and Authorizations
• Machine Learning
• Address Screening
• Various Features, e.g. Worklist
  • Hands-On exercises

Prerequisites

Essential

• Basic SAP Customizing
• Basic know-how in ABAP Development Tools (ADT) and SQL

Recommended

• HA150 – SAP HANA 2.0 SPS05 SQLScript for SAP HANA
• HA300 – SAP HANA 2.0 SPS05 Modelling
• S4D430 – Building Views in ABAP Core Data Services