Options to Manage Connector Configuration in SAP BusinessObjects GRC 10.0

  • by Simon Persin, Senior Manager, Turnkey Consulting
  • March 12, 2012
Discover the various options available to manage connector configuration. Learn the positives and negatives of each option to help you make an informed decision on the recommended approach for each individual SAP BusinessObjects GRC 10 implementation.
Key Concept
Connectors, which in SAP GRC 10.0 are based on the SAP Remote Function Call, link all the business systems that are part of an organization’s GRC operation. Connectors hold core information relating to each of these systems, such as what they do and the risks with which they are associated. This risk information is then used to report against the user and authorization data in each system in order to ensure compliance. These connectors also act as the mechanism for handling.

SAP BusinessObjects GRC 10.0 requires users to connect systems using standard SAP communication protocols. However, this connection method results in a conflict between master data and configuration management. Although master data can be maintained directly in each of the associated systems, it is a good practice for the configuration of these systems to be handled via a more robust change management process (usually via transports in the SAP system). This is a key focus area for auditors and is especially important in the area of security and GRC, as uncontrolled changes can increase the risks to system integrity and compromise the accuracy of compliance reporting.

Connectors are a critical part of the SAP BusinessObjects GRC setup to identify the target systems for all SAP BusinessObjects GRC functionality. In previous versions, the only method to manage these connections was through direct maintenance in the required SAP BusinessObjects GRC system. Although this method was effective in facilitating a flexible system landscape, it often came under fierce criticism from audit and system administrators alike, as it did not adhere to SAP's best practice processes for technical change management.

SAP BusinessObjects GRC 10.0 is managed within the SAP NetWeaver ABAP stack; therefore, it supports the full Transport Management System as per other SAP components. Within SAP BusinessObjects GRC 10.0 the connectors are managed through a combination of standard SAP RFC destinations and additional GRC-specific configuration settings via the IMG.

Simon Persin

Simon Persin is an experienced SAP security and SAP GRC solution architect having designed, reviewed, and implemented SAP security and compliance solutions for a number of major blue-chip clients. With a base in SAP security and authorizations, he provides technical, operational, and consulting expertise. Simon is also a certified SAP NetWeaver technology consultant for SAP security and a certified instructor for SAP GRC training courses in the UK. In addition, he is a certified SAP strategic expert partner for the GRC solution area and supports pre-sales activities on behalf of SAP. In addition to presenting and contributing to the international GRC conferences, SDN, and other GRC online forums, Simon is regularly commissioned to write articles and provide comment in industry publications.

Simon will be presenting at the upcoming SAPinsider GRC 2017 conference, June 14-16, 2017, in Amsterdam. For information on this event, click here.

See more by this author


Comments

No comments have been submitted on this article. 


Please log in to post a comment.

To learn more about subscription access to premium content, click here.