end user guide sap grc

Transcription

2012
END USER GUIDE
SAP® GRC
MASTER DATA UPLOAD GENERATOR™
10.0
Target Audience
 System Administrators
 Technology Consultants
Document version: 0.60 October 2012
© Copyright 2012 SAP AG. All rights reserved.
Java is a registered trademark of Sun Microsystems,
No part of this publication may be reproduced or
Inc
transmitted in any form or for any purpose without the
JavaScript is a registered trademark of Sun
express permission of SAP AG. The information
Microsystems, Inc., used under license for technology
contained herein may be changed without prior notice.
invented and implemented by Netscape.
Some software products marketed by SAP AG and its
SAP, R/3, xApps, xApp, SAP NetWeaver, Duet,
distributors contain proprietary software components
PartnerEdge, ByDesign, SAP Business ByDesign, and
of other software vendors.
other SAP products and services mentioned herein as
Microsoft, Windows, Excel, Outlook, and PowerPoint
well as their respective logos are trademarks or
are registered trademarks of Microsoft Corporation.
registered trademarks of SAP AG in Germany and in
several other countries all over the world. All other
IBM, DB2, DB2 Universal Database, System, System
product and service names mentioned are the
i5, System p, System p5, System x, System z, System
trademarks of their respective companies. Data
z10, System z9, z10, z9, iSeries, pSeries, xSeries,
contained in this document serves informational
zSeries, eServer, z/VM, z/OS, i5/OS, S/390, OS/390,
purposes only. National product specifications may
OS/400, AS/400, S/390 Parallel Enterprise Server,
vary.
PowerVM, Power Architecture, POWER6+,
POWER6, POWER5+, POWER5, POWER,
These materials are subject to change without notice.
OpenPower, Power PC, BatchPipes, BladeCenter,
SAP AG and its affiliated companies (“SAP Group”)
System Storage, GPFS, HACMP, RETAIN, DB2
provide these materials for informational purposes
Connect, RACF, Redbooks, OS/2, Parallel Sysplex,
only, without representation or warranty of any kind,
MVS/ESA, AIX, Intelligent Miner, WebSphere,
and SAP Group shall not be liable for errors or
Netfinity, Tivoli and Informix are trademarks or
omissions with respect to the materials. The only
registered trademarks of IBM Corporation.
warranties for SAP Group products and services are
those that are set forth in the express warranty
Linux is the registered trademark of Linus Torvalds in
statements accompanying such products and services,
the U.S. and other countries.
if any. Nothing herein should be construed as
Adobe, the Adobe logo, Acrobat, PostScript, and
constituting an additional warranty.
Reader are either trademarks or registered trademarks
Disclaimer
of Adobe Systems Incorporated in the United States
Some components of this product are based on Java™.
and/or other countries.
Any code change in these components may cause
Oracle is a registered trademark of Oracle
unpredictable and severe malfunctions and is therefore
Corporation.
expressively prohibited, as is any decompilation of
UNIX, X/Open, OSF/1, and Motif are registered
these components.
trademarks of the Open Group.
Any Java™ Source Code delivered with this product
Citrix, ICA, Program Neighborhood, MetaFrame,
is only to be used by SAP’s Support Services and may
WinFrame, VideoFrame, and MultiWin are
not be modified or altered in any way.
trademarks or registered trademarks of Citrix Systems,
Documentation in the SAP Service Marketplace
Inc.
You can find this documentation at the following
HTML, XML, XHTML and W3C are trademarks or
registered trademarks of W3C®, World Wide Web
Consortium, Massachusetts Institute of Technology.
©2010, 2011, 2012
SAP GRC
address:
http://service.sap.com/
Title: SAP® GRC Master Data Upload Generator™ End User Guide
Version: 0.6
Date: 10/18/2012
Page 2 of 32
1 Document History
CAUTION
Before you start using SAP Master Data Upload Generator™ 10.0, make sure you have the latest
version of this document.
The following table provides an overview of the changes to this document.
Version
Date
Description
0.1
12/06/2010
Initial draft
0.4
12/30/2010
Added Column Index and
Frequently Asked Questions
0.5
02/18/2011
Added Copyright Information
0.6
10/18/2012
Added CDF support
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 3 of 32
Table of Contents
1
2
3
Introduction ............................................................................................................................... 6
Before You Start ....................................................................................................................... 7
Master Data Upload Process ................................................................................................... 8
3.1
Prerequisites .................................................................................................................... 8
3.2
Generate the Master Data Template ............................................................................... 9
3.2.1 Generate the Master Data Template ....................................................................... 9
3.2.2 Generate the Master Data Template with CDF Fields .......................................... 10
3.3
Maintain Data ................................................................................................................. 11
3.3.1 General Tips .......................................................................................................... 11
3.3.2 Organization .......................................................................................................... 14
3.3.3 Orgunit Parent ....................................................................................................... 15
3.3.4 Risk Category ........................................................................................................ 16
3.3.5 Risk Template ........................................................................................................ 16
3.3.6 Risk Impact ............................................................................................................ 16
3.3.7 Risk Driver ............................................................................................................. 17
3.3.8 Control Objective ................................................................................................... 17
3.3.9 Control Objective Risk ........................................................................................... 17
3.3.10
Account Group ................................................................................................... 17
3.3.11
Account Group Risk ........................................................................................... 18
3.3.12
Consolidated Account Balances ........................................................................ 18
3.3.13
Test Plan ............................................................................................................ 19
3.3.14
Test Plan Steps ................................................................................................. 19
3.3.15
Central Process ................................................................................................. 19
3.3.16
Subprocess Control Objective ........................................................................... 20
3.3.17
Subprocess Account Group ............................................................................... 20
3.3.18
Subprocess Control Objective ........................................................................... 21
3.3.19
Subprocess Risk ................................................................................................ 21
3.3.20
Central Control ................................................................................................... 22
3.3.21
Control Risks ..................................................................................................... 23
3.3.22
Central iELC Group ........................................................................................... 25
3.3.23
Central iELC ...................................................................................................... 25
3.4
Validate Data ................................................................................................................. 26
3.5
Upload Data ................................................................................................................... 27
3.5.1 Upload Data ........................................................................................................... 27
3.5.2 Subsequent Upload ............................................................................................... 28
3.6
Regulation Requirement Loading .................................................................................. 28
3.7
Multiple Language Support ............................................................................................ 29
3.8
Review Log .................................................................................................................... 29
4 Frequently Asked Questions .................................................................................................. 31
4.1
Data maintenance.......................................................................................................... 31
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 4 of 32
5
4.2
Data upload errors ......................................................................................................... 31
Appendix: Data Dependency for Related Objects.................................................................. 32
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 5 of 32
1 Introduction
SAP GRC Master Data Upload Generator™ (MDUG) 10.0 is a solution that enables you to rapidly
set up Master Data for SAP GRC Process Control™ 10.0. Using a Microsoft Excel template, you
can easily maintain Master Data in a familiar environment. SAP GRC Master Data Upload
Generator™ also has built-in business rules that allow you to simulate the Master Data without
uploading the data into the system. This feature not only provides the capability to validate the
data, but also prevents invalid data from being entered into the system.
SAP Notes for Master Data Upload Generator
Review the following notes related to the Master Data Upload Generator.
Note Number
Note Description
1549428
Import and Export Performance Improvement
1551241
MDUG background job support
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 6 of 32
2 Before You Start
Make sure that you have the up-to-date version of each SAP Note, which you can find on SAP
Service Marketplace at:
http://service.sap.com/notes
For more information about specific topics, see the following Quick Links.
Content
SAP Service Marketplace Location
Related SAP Notes
http://service.sap.com/notes
Released platforms
http://service.sap.com/platforms
SAP Solution Manager
http://service.sap.com/solutionmanager
NOTE
SAP GRC Master Data Upload Generator™ 10.0 supports Microsoft Excel 2003 and
Microsoft Excel 2007. Examples in this document are presented using Microsoft Excel
2007.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 7 of 32
3 Master Data Upload Process
This document assumes working familiarity with Master Data usage concepts.
3.1 Prerequisites
Complete the following steps before you begin uploading the Master Data.
NOTE

Before you start the master data upload process, you must apply GRC 10.0 SP02 or a
higher version.

If you have already applied GRC 10.0 SP02, refer to section SAP Notes for Master Data
Upload Generator and review SAP notes 1549428 and note 1551241.
Procedure
1. Configure the PC 10.0 IMG and activate the Business Configuration (BC) Sets. (See the SAP
Access Control 10.0 / Process Control 10.0 / Risk Management 10.0 Installation Guide at
service.sap.com/instguides for more information)
2. Create Regulation Group, Regulation, Regulation Requirement data in the front end by using
the portal or NetWeaver Business Client (NWBC).
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 8 of 32
3. Enable the MDUG log. Run transaction SM30, input view name GRFNVLOGENABLE and
then choose Maintain. Add the following entries, shown in the diagram, to the table.
3.2 Generate the Master Data Template
To maintain the Master Data, you must create an Excel file template.
3.2.1 Generate the Master Data Template
Procedure
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 9 of 32
1. Run transaction SE38 at the GRC system, then input program name GRFN_MDUG, and
Execute. (If you are not able to run SE38, then run transaction SA38.)
2. The technical ID column for each entity is not included in the Excel template and an ID is
automatically generated when the template is uploaded, unless you have selected the
Maintain ID Manually checkbox.
3. Click Execute. The program generates an Excel file. Choose the appropriate file format and
then save the file. This process may take some time to complete in a slow network
environment.
3.2.2 Generate the Master Data Template with CDF Fields
Procedure
1. Run transaction SM34, input view cluster name GRFNVC_FLD, and choose Maintain.
2. Maintain HR Field HR information. Examples:
a. Normal CDF example (subtype is not needed):
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 10 of 32
b. Long text CDF example (subtype must be maintained):
Note that only single value CDF fields are supported in GRC 10.0 currently.
3. Assign CDF field to an entity.
4. Generate the MDUG template again as describe in 3.2.1 Generate the Master Data
Template, and the CDF fields will appear in the new template.
3.3 Maintain Data
The following sections describe how to maintain Master Data.
3.3.1 General Tips
You can now maintain data in the created template.
Common built-in validations are summarized, as follows:

The template is case sensitive.

We recommend that you maintain the data based on the sequence in Appendix: Data
Dependency for Related Objects since most data has dependencies.

The user can maintain and upload an individual worksheet and leave other worksheets
blank.

Master Data object names are limited to 40 alphanumeric characters. The object names
should be unique.

If a Master Data object’s name is identical to another Master Data object in the system,
duplicate data will be created. The data will not be overwritten.

Master Data objects can begin with letters or numbers. Do not leave the field empty or
start the name with space. However, you can use spaces between characters.

Description text for Master Data objects has no length limitation (except for Test Plan
Details).

A dropdown list is created either by the BC set or a dependency on other Master Data.
CAUTION
Data outside the blue box will not be considered by the application and therefore it will
not be uploaded. To add additonal rows, drag the indicator at the bottom of right corner to
increase the blue box area.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 11 of 32
NOTE
You can maintain a hierarchical structure by using the Parent column. Maintain the higher
hierarachy data first.
EXAMPLE
To upload an Order to Cash process, which has a child process Order to Cash for One
Time Customers as shown below:
1. Create the higher hierarchy process Order to Cash, and then expand the blue box.
2. In the Parent column, select Order to Cash from the dropdown list.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 12 of 32
NOTE
To assign regulations to a Master Data object, add another row with the same name and
then select a regulation in the Regulation Column. The regulationspecific values can also
be maintained.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 13 of 32
CAUTION
In the MDUG template, Master Data objects with the same name will be used to update
regulationspecific data. In the previous example, the system will generate only one Order
Control under the Order subprocess. The data in the second row will only update
regulationspecific data (such as Regulation, Regulation specific, Control Significance,
Nature of Control, Level of Evidence, Control Risk, Control Relevance, or Testing
Technique) of Order Control.
3.3.2 Organization
Use the Organization worksheet to maintain the organization list regardless of its hierarchy. Use
the Orgunit Parent worksheet to set up their hierarchies.
NOTE

Regulations specific to the organization need to be maintained in the frontend.

The dropdown list in the Currency, Country, and Region columns does not display all
values. If you cannot find an appropriate value, you can manually insert only those values
which are maintained in the IMG. When you manually insert the value, you can ignore
validation error messages.
Organization Worksheet
Column
Comment
Name (Required)
Alphanumeric characters (length: 140 characters)
Description
(Optional)
Alphanumeric characters (no length limit)
Regulation Specific
(Optional)
X (Yes)
Shared Service
Provider (Optional)
Review Setting iELC
Test (Optional)
Review Setting iELC
Assessment
(Optional)

X (Activated)

(Not Activated)

C (Use Central Setting)
Review Settings
iELC Remediation
Plan (Optional)
Repeat Settings
iELC Test (Optional)
Repeat Settings
iELC Assessment
(Optional)
Average Cost Per
Control (Optional)
n/a
©2010, 2011, 2012
Version: 0.6
Date: 10/18/2012
SAP GRC
Page 14 of 32
Currency (Required)
The user can maintain attributes in the IMG.
NOTE
If you cannot find a value, you can manually enter it.
IMG setup: SAP NetWeaver > General Settings > Currencies > Check
Currency Codes
OrgLevel System
Parameter (Optional)
Self explanatory
Subject to Signoff
(Optional)
X (Yes)
Perform Deficiency
Analysis (Optional)
n/a
In Scope (Optional)
n/a
Country (Optional)
NOTE
If you cannot find a value, you can manually enter it.
IMG setup: SAP NetWeaver > General Settings > Set Countries > Specify
Countries
Region (Optional)
NOTE
Region data should be dependent on Country data. Check the IMG setting.
IMG setup: SAP NetWeaver > General Settings > Set Countries > Insert
Regions
3.3.3 Orgunit Parent
Use the following worksheet to maintain the hierarchy of the organization.
All of the Organizations that you maintained in the Organization worksheet will be displayed in the
dropdown list in the Object column.
Orgunit Parent Worksheet
Column
Dependency
Attribute
Object (Required)
Organization worksheet Name
Column
Select a value from the
dropdown list
Parent (Optional)
Organization worksheet Name
Column
dropdown list
Orgunit View (Optional)
n/a
The user can maintain
attributes in the IMG
IMG setup: GRC > Shared
Master Data Settings >
Maintain Organization Views
Object (Required)
n/a
n/a
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 15 of 32
3.3.4 Risk Category
Use this worksheet to maintain Risk Categories and their hierarchies. When you create
hierarchies, always maintain the higher hierarchy risk first.
Risk Category Worksheet
Column
Dependency
Attribute
Parent (Optional)
Risk Category worksheet
Name Column
dropdown list
Name (Required)
n/a
Alphanumeric characters
(length: 140 characters)
Description (Optional)
n/a
Alphanumeric characters (no
length limit)
3.3.5 Risk Template
Use this worksheet to maintain the Risk Template, which can be linked to other objects such as
subprocess and control. When you create hierarchies, always maintain the higher hierarchy risk
template first.
Risk Template Worksheet
Column
Dependency
Comment
Parent (Required)
Risk Template worksheet
Name column
dropdown list
Name (Required)
n/a
(length: 140)
n/a
length limit)
3.3.6 Risk Impact
Use this worksheet to link the Risk Template Object to its Impact. You can customize the Impact
Category in the IMG.
Risk Impact Worksheet
Column
Dependency
Comment
Object (Optional)
Name column
dropdown list
Impact Category (Optional)
n/a
Master Data Settings > Risk
and Opportunity Attributes >
Maintain Impact Categories
Impact Description (Optional)
n/a
length limit)
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 16 of 32
3.3.7 Risk Driver
Use this worksheet to link the Risk Template Object to its Driver. You can customize the Risk
Driver in the IMG.
Risk Driver Worksheet
Column
Dependency
Comment
Object (Required)
Name column of the Risk
Template worksheet
dropdown list
Risk Driver (Optional)
n/a
Master Data Settings > Risk
and Opportunity Attributes >
Maintain Driver Categories
Risk Driver Description
(Optional)
n/a
(no length limit)
3.3.8 Control Objective
Use this worksheet to maintain the Control Objective.
Control Objective Worksheet
Column
Comment
Name (Required)
Alphanumeric characters (length: 140)
Alphanumeric characters (no length limit)
Objective Category
The user can maintain attributes in the IMG
IMG setup: GRC > Process Control > Edit
Attribute Values > Attributes with Dependent
Attributes > COOBJCAT
3.3.9 Control Objective Risk
Use this worksheet to link the Control Objective that you maintained in the Control Objective
worksheet to the Control Object Risk that you maintained in the Risk Template worksheet.
Control Objective Risk Worksheet
Column
Dependency
Comment
Object (Required)
Control Object worksheet
Name column
dropdown list
Control Objective Risk
(Required)
Name column
dropdown list
3.3.10 Account Group
Use this worksheet to maintain the Account Group.
Account Group Worksheet
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 17 of 32
Column
Dependency
Comment
Parent
Account Group worksheet
Name column
dropdown list
Name (Required)
n/a
(length: 140)
Description
n/a
(no length limit)
Account Group Assertion
n/a
X (Yes)
IMG setup: GRC > Process
Control > Edit Attribute
Values > ACASS)
3.3.11 Account Group Risk
Use this worksheet to assign a level of risk to the Account Group that you maintained.
Account Group Risk Worksheet
Column
Dependency
Comment
Object (Required)
Name column
dropdown list
Account Group Risk
(Required)
Name column
dropdown list
Account Group Risk
Assertion (Optional)
n/a
X (Yes)
NOTE
Account Group Risk Assertion
is a subset of Assertion in the
Account Group worksheet.
3.3.12 Consolidated Account Balances
Use this worksheet to assign Consolidated Account Balances to Account Groups. If you assign
an Account Group to a Subprocess, you must set the Consolidated Account Balances threshold
in the frontend (see section
Prerequisites) and then set the value in the Significant column to „X“ (True).
Consolidated Account Balances Worksheet
Column
Dependency
Comment
Object (Required)
Name column
(length: 140)
Significant (Optional)
n/a
X (Yes)
NOTE
Account Group Risk Assertion
is a subset of Assertion in the
Account Group worksheet.
Consolidated Balance
n/a
n/a
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 18 of 32
(Optional)
Reason (Optional)
n/a
n/a
3.3.13 Test Plan
Use this worksheet to maintain a Test Plan. Note that text in the Test Plan Description column is
limited to 765 characters.
Test Plan Worksheet
Column
Comment
Name (Required)
(length: 1765)
3.3.14 Test Plan Steps
Use this worksheet to maintain Test Steps for each Test Plan you maintained in the previous
worksheet.
Test Plan Steps Worksheet
Column
Dependency
Comment
Object (Required)
Test Plan worksheet Name
column
dropdown list
Test Step Number (Optional)
n/a
n/a
Test Step Name (Optional)
n/a
n/a
Test Step Long Text
(Optional)
n/a
n/a
Is Test Step (Optional)
n/a
X
Is Required (Optional)
n/a
X
Fails Test (Optional)
n/a
X (Yes)
Initial Sample (Optional)
n/a
n/a
Sampling Method (Optional)
n/a
n/a
Values >
TSSAMPLING_METHOD
3.3.15 Central Process
Use this worksheet to maintain Central Process.
Central Process Worksheet
Column
Dependency
Comment
Parent (Optional)
Central Process worksheet
Name column
dropdown list
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 19 of 32
Name (Required)
n/a
n/a
(no character length limit)
3.3.16 Subprocess Control Objective
Use this worksheet to link Subprocesses to the Processes that you maintained in the previous
sheet. Use the Parent column to select processes that you maintained in the Central Process
worksheet.
NOTE
Regulations must be assigned in a separate row. See section General Tips for more
details about regulation assignment.
Central Subprocess Worksheet
Column
Dependency
Comment
Parent (Required)
Central Process worksheet
Name column
dropdown list
Name (Required)
n/a
Regulation (Optional)
n/a
NOTE
Maintain a separate row for
assigning regulation
n/a
n/a
Subprocess Industry
(Optional)
n/a
n/a
Values > INDUSTRY)
Transaction Type ID
(Optional)
n/a
n/a
Values > TRTYPE
3.3.17 Subprocess Account Group
Use this worksheet to assign an Account Group to a Subprocess object.
Subprocess Account Group Worksheet
Column
Dependency
Comment
Object (Required)
Central Subprocess worksheet
Name column
dropdown list
Subprocess Account Group
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 20 of 32
(Required)
Name column
dropdown list
3.3.18 Subprocess Control Objective
Use this worksheet to assign a Control Objective to a Subprocess object.
Subprocess Control Objective Worksheet
Column
Dependency
Comment
Object (Required)
Central Subprocess sheet
Name column
dropdown list
Subprocess Control
Objective (Required)
Control Objective sheet Name
column
dropdown list
3.3.19 Subprocess Risk
Use this worksheet to assign the Risk ID, Risk Source Account group, and Risk Source Control
Objective to a Subprocess object.
The Subprocess Risk is a subset of the Subprocess Account Group and Subprocess Control
Objective worksheets. Thus, when you assign the Account group and Control Object, you must
check that the same assignment is maintained in the Subprocess Account Group and
Subprocess Control Objective worksheets.
For example, if you assigned the AP Invoicing subprocess to a control object AP Invoices are
entered accurately and an account group GRC AP.
In this case, make sure that both the Subprocess Account Group and Control Objective
worksheets have the same assignment. If this relationship is not maintained correctly, the system
generates error logs during the upload process.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 21 of 32
Subprocess Risk Worksheet
Column
Dependency
Comment
Object (Required)
Central Subprocess worksheet
Name column
dropdown list
Risk ID (Required)
Name column
dropdown list
Risk Source Account Group
(Optional)
Name column
dropdown list
Risk Source Control
Objective (Optional)
Control Objective worksheet
Name column
Select a value from dropdown
list
3.3.20 Central Control
Use this worksheet to maintain Control objects.
NOTE
Central Control Worksheet
Column
Comment
Parent (Required)
Select a value from the dropdown list
Dependency Central Subprocess worksheet
Name column
Name (Required)
NOTE
Regulation is a subset of Regulation in the
Central Subprocess worksheet.
(no length limit)
Regulation specific (Optional)
X (Yes)
Is Control (Optional)
n/a
Control Category (Optional)
IMG input: GRC > Process Control > Edit
Attribute Values > PRCATEGORY
Control Significance (Optional)
Attribute Values > PRSIG
Level of Evidence (Optional)
n/a
IMG input: GRC > Process Control >
Scoping > Set Level of Evidence Value
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 22 of 32
Control Risk (Optional)
n/a
IMG input: GRC > Process Control >
Scoping > Set Control Rating Range
Automation (Required)
0AUT (Automatic)
0MAN (Manual) 0SEM (Semiautomatic)
Control Purpose (Required)
n/a
Nature of Control (Optional)
n/a
Allow Refer (Optional)
X (Yes)
Control Group (Optional)
n/a
Frequency (Optional)
n/a
Date or Event (Optional)
E (Event),
T (Date)
Event description (Optional)
n/a
To Be Tested (Optional)
X (Yes)
Test Automation (ID) (Required)
0AUT (Automatic)
0MAN (Manual) 0SEM (Semiautomatic)
Testing Technique (Optional)
Attribute Values > PRTTECHNQ
Test Plan (Optional)
Dependency Test Plan worksheet Name
Column
Input (Optional)
n/a
Out (Optional)
n/a
Control Relevance (Optional)
X (Yes)
Attribute Values > RELEVANCE (Optional)
Control Subgroup (Optional)
X (Yes)
NOTE
Control Subgroup is subset of Control Group
(18.15) in the Central Control worksheet.
3.3.21 Control Risks
Use this worksheet to assign the Risk ID, Control Risk Source Account group, and Control Risk
Source Control Objective to a Control object.

Control Risk is a subset of the Subprocess Account Group and Subprocess Control
Objective worksheets.

When you assign the Account group and Control Objective to the Control object, you
must check that the Control’s parent (Subprocess) maintained the same assignment in
the Subprocess Account Group and Subprocess Control Objective worksheets.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 23 of 32
For example, you assigned the 3 way matching for goods w/PO control under the AP Invoicing
subprocess.
Then, you assigned the 3 way matching for goods w/PO control to the „AP Invoices are entered in
proper period“ Control Objective and an Account Group GRC AP.
In this case, Control’s parent Subprocess AP Invoicing should have the same assignment in both
the Subprocess Account Group and Control Objective worksheets. If this relationship is not
maintained correctly, the system generates error logs during the upload process.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 24 of 32
Control Risk Worksheet
Column
Dependency
Comment
Object (Required)
Central Control worksheet
Name column
dropdown list
Risk ID (Required)
Name column
dropdown list
Control Risk Source Account
Group (Optional)
„Name column
list
Control Risk Source Control
Objective (Optional)
Control Objective worksheet
Name column
list
3.3.22 Central iELC Group
Use this worksheet to maintain an indirect Entity Level Control (iELC) Group.
Central iELC Group Worksheet
Number
Column
Dependency
Comment
20.1
Parent (Optional)
Central iELC Group
worksheet Name
column
Select a value from
the dropdown list
20.2
Name (Required)
n/a
Alphanumeric
characters (length:
140 characters)
20.3
n/a
Alphanumeric
characters
(no length limit)
3.3.23 Central iELC
Use this worksheet to maintain Central iELC objects.
NOTE
Central iELC Group Worksheet
Number
Column
Dependency
Comment
21.1
Parent (Required)
Central iELC Group
worksheet Name
column
n/a
21.2
Name (Required)
n/a
Alphanumeric
characters (length:
1~40)
21.3
n/a
n/a
21.4
n/a
Alphanumeric
characters
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 25 of 32
(no length limit)
21.5
Regulation specific (Optional)
n/a
X
21.6
Operation Frequency (Optional)
n/a
n/a
IMG setup: GRC >
Process Control >
Edit Attribute
Values > IELCFREQ
21.7
Test plan (Optional)
Test Plan worksheet
Name column
n/a
21.8
To be tested (Optional)
n/a
X
3.4 Validate Data
Before uploading the Excel file, SAP strongly recommends that you validate the data. Invalid data
will stop the upload process and force you to correct data.
Procedure
1. From the Excel menu, select Data > Data Validation > Circle Invalid Data. This will circle
invalid data in each worksheet.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 26 of 32
2. Correct the invalid data according to the instructions described in section Validate Data and
rerun Step 1 until there are no validation errors remaining.
3.5 Upload Data
This section describes how to upload data to the backend system.
3.5.1 Upload Data
Procedure
1. Go to the backend system and run transaction SE38, input program name GRFN_MDUG,
and then click Execute.
2. Select Upload Data.
3. Select the Excel file you want to upload and continue. This step generates an XML file in your
SAP workdir automatically. If this step succeeds with no errors, it will continue with the import
data step. Otherwise the error log will be shown.
4. Import the XML data to the system.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 27 of 32
5. If the user selects Simulation, the data will not be uploaded to the system, but it will display
whether all the data in the template is valid. After simulation, if you do not receive any errors,
execute program again by unselecting Simulation and Rollback when error occurred.
6. If the Rollback when error occurred option was selected, the system will not upload data
when it censors invalid data in the template.
3.5.2 Subsequent Upload
Implementation
This feature is implemented by mapping object names in the excel template to the object names
in the GRC system. Before you upload the date, check the Find ID by name option. MDUG will
search whether the object name in the template is already used in the GRC system; if yes,
MDUG will treat the object in edit mode instead of creating a new object.
If you want to upload a new object as the child of an existing object, do the following:
1. Find the original excel template you used to upload data.
2. Maintain the new object in the excel template whose parent has already been uploaded to the
GRC system. Do not change anything of the objects you uploaded before.
3. Upload the template again.
3.6 Regulation Requirement Loading
To use the Regulation Requirement loading functionality in MDUG, see the instructions in SAP
Note 1684455 - Regulation Requirement loading in MDUG.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 28 of 32
3.7 Multiple Language Support
To upload data in different languages in MDUG, see the instructions in SAP Note 1711069 Multiple Language Support in MDUG PC10.
3.8 Review Log
If the template contains any invalid data, the system will generate an error log that will be
populated automatically when invalid data is found To review the log after uploading data, use
transaction SLG1.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 29 of 32
As the above picture shows, the error logs are sorted by the time you uploaded data. You can
select each time to view the details.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 30 of 32
4 Frequently Asked Questions
The following sections describe typical users questions about the MDUG process.
4.1 Data maintenance

I cannot find the Currency/Country/Region from the dropdown list.
MDUG 10.0 supports a limited list of Currency/Country codes. Check the IMG setting for
Currency/Country/Region and manually enter the code.

Can I use spaces in the Object name?
Yes, spaces are permitted in the object name. However, do not start the object name with a
space or enter only spaces.
4.2 Data upload errors

When I reupload the template after changing the data, I receive the same error.
If you changed the data in the template, you must change the file name and reupload.

The relation between object XXX and XXX does not exist in the system and XML
This error is caused by risk assignment to the Subprocess and Control Object. For details,
see 3.3.19 Subprocess Risk or 3.3.21 Control Risk.
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 31 of 32
5 Appendix: Data Dependency for Related
Objects
There are some relationships and dependencies among the Master Data. We recommend that
you maintain data in line with the following sequences for related the Master Data objects.
Data Dependency for Related Objects
Sequence
Master Data Worksheet
Dependency
1
Organization
n/a
2
Risk Category
n/a
3
Risk Template
Risk Category
4
Control Objective
Risk Template
5
Account Group
Risk Template
6
Test Plan
n/a
7
Central Process
n/a
8
Central Sub process
Central Process, Risk Template, Control Objective,
Account Group
9
Central Control
Central Sub process, Test Plan, Risk Template,
Control Objective, Account Group
10
Central iELC Group
n/a
11
Central iELC
Central iELC Group, Test Plan
©2010, 2011, 2012
SAP GRC
Version: 0.6
Date: 10/18/2012
Page 32 of 32

end user guide sap grc

Transcription

Similar documents

Record of Achievement

Africa Political Map

Formerly, Zygen Technology

unit 5: financials - [email protected]

Efficient project management – Although employees are

Supply Chain Through Mobility

High Voltage Maintenance

Record of Achievement

Codescan Brochure

Hallmark: Transforming Retail Merchandising and Field