Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Internal and External SOD Evaluation

Go to solution
Manu269
All-Star
All-Star

‎12/14/2023 04:24 AM

Hello Team,

We need assistance to below query before you start onboarding and perform SOD evaluation for that Application.

1. Customer has SAP GRC system via which SOD evaluation is being performed for SAP Application.

2. For Non SAP System they are doing SOD evaluation externally and then approving and rejecting the request.

Assistance Required :

1. In case the end user request for entitlements specifc to SAP system only, at that time can saviynt perfom SOD evaluation directly with SAP GRC?

2. In case the end user request for entitlement specific to Non SAP System, we can build the ruleset and EIC should be able to run SOD only for internal SOD Evalaution?

3. In case the request is made up of conflicting entitlement between SAP and non SAP system, how this would be managed?

4. For the request where the ent is only specific for SAP based system and if any conflict is detected how the mitigation would be handled?

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.
Labels:
0 Kudos
2 REPLIES 2

Go to solution
sai_sp
Saviynt Employee
Saviynt Employee

‎12/21/2023 08:01 AM

Regarding 1:

Yes, external evaluation can be done in SAP GRC.

2: Yes it can be internal. Only SAP supports external evaluation. And it is defined at the connector level.

 

3: it would have to be using a cross app ruleset. Let me check and get back if both internal and external can be done at the same time.

0 Kudos

Go to solution
rushikeshvartak
All-Star
All-Star

‎12/21/2023 08:57 AM

1. In case the end user request for entitlements specifc to SAP system only, at that time can saviynt perfom SOD evaluation directly with SAP GRC? Yes if external risk connection attached to security system

2. In case the end user request for entitlement specific to Non SAP System, we can build the ruleset and EIC should be able to run SOD only for internal SOD Evalaution?

yes you can have internal as well as external sod calculation in same request make sure workflow is updated accordingly 

3. In case the request is made up of conflicting entitlement between SAP and non SAP system, how this would be managed?

this will be based on ruleset if your internal saviynt ruleset prepared with sap vs non sap entitlement it will show sod. Sap grc is purely for sap roles & tcodes 

4. For the request where the ent is only specific for SAP based system and if any conflict is detected how the mitigation would be handled? Currently you can’t attach any mitigation control for external sod once sod is detected you can assign to sod reviewer group and they will apply mitigation control in grc not in saviynt.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.
0 Kudos
Copyright © 2024 Khoros, LLC