Enhanced Alerts in SAP Access Control 10.x

  • by Jitan Batra, Senior Developer for SAP Access Control and Process Control, SAP Labs India, Pvt. Ltd.
  • June 1, 2015
Alerts are more enhanced in Access Control 10.0 and 10.1 as compared to the Access Control 5.x releases. From the 10.x release and on alerts are generated only when an access risk is satisfied at the permission level, which eradicates false positive alerts. An example illustrates the enhanced alerts. Also gain insight into mitigation control alerts and the cleared vs. deleted alert concept.

Learning Objectives
Reading this article, you will learn:
  • The difference in alert functionality from the 5.3 to the 10.0 releases
  • How to use conflicting and mitigation control alerts
  • The difference between a clear alert and a delete alert
  • About the enhancements in alert email notifications
Key Concept

Alerts can be used to prioritize access risks for early remediation as they indicate which access risk is more exploited. Alerts are not meant to replace the remediation process; rather, they assist it. Alerts are early indicators that you can use for deeper investigation to check whether actual changes were made or if a user has just displayed the transactions. They show how many times these transactions were executed.

Alert functionality in SAP Access Control provides a medium to generate alert notification when a user performs critical or conflicting actions in SAP ERP or SAP NetWeaver systems. In Access Control release 5.x alerts are generated for display transactions. The system only checks if the user has violated segregation of duties (SoD) or critical action access risks at the action level. However, in the Access Control 10.x release, alerts functionality has been enhanced and SoD and critical action alerts are only generated when a user violates access risk at the permission level. I cover how alerts are captured in Access Control, followed with an example to explain how permission alerts are generated in the 10.x release.

Jitan Batra

Jitan Batra is a senior developer for SAP Access Control and is currently working in SAP Labs India Pvt. Ltd. in development support for SAP Process Control. He has different certifications, including SAP Access Control 10.0, ISEB, and ISTQB. He was the development implementation partner for GRC Access Control 10.0 at Daimler APAC, which was the first deployment of the product in APJ and globally. He has also conducted public batch trainings for the SAP Access Control 10.0 course.

See more by this author


Comments

No comments have been submitted on this article. 


Please log in to post a comment.

To learn more about subscription access to premium content, click here.