Hello Experts,
Please some one guide us how to link z customised tcode in SAP which has no link to std mother t code. This is asked to make customised z rule set for SOD.
Another one to get proper pop up while simulating critical t code before allotting the tcode. Do you feel this should be one time implementation issue or a total governance issue for the people who are engaged in making these z tcode which are unlinked.
Please share your experience in this area. Thanks in advance.
Yes, custom risk can be included in your GRC rule set to manage SOD and be complaint with SOX or other compliance standards like JSOX, FDA, etc
Well, SAP provided a standard global rule set, so if for a certain module or business process new risk are identified they can be mapped to functions and incorporated in customized rule set.
The function will contain the zT-codes and can be in combination to standard t-code, as per business.
Risk matrix can be defined and relevant customized risk ID can be created for a module or business process which standard GRC ruleset does not support.
And even to enhance existing risk management in know business process risk like P2P,A2R, M2S,D2C etc
The process is not frequent, it might not be a one time activity though and is a core compliance job.