We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Internal and External SOD Evaluation

Manu269
All-Star
All-Star

Hello Team,

We need assistance to below query before you start onboarding and perform SOD evaluation for that Application.

1. Customer has SAP GRC system via which SOD evaluation is being performed for SAP Application.

2. For Non SAP System they are doing SOD evaluation externally and then approving and rejecting the request.

Assistance Required :

1. In case the end user request for entitlements specifc to SAP system only, at that time can saviynt perfom SOD evaluation directly with SAP GRC?

2. In case the end user request for entitlement specific to Non SAP System, we can build the ruleset and EIC should be able to run SOD only for internal SOD Evalaution?

3. In case the request is made up of conflicting entitlement between SAP and non SAP system, how this would be managed?

4. For the request where the ent is only specific for SAP based system and if any conflict is detected how the mitigation would be handled?

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.
2 REPLIES 2

sai_sp
Saviynt Employee
Saviynt Employee

Regarding 1:

Yes, external evaluation can be done in SAP GRC.

2: Yes it can be internal. Only SAP supports external evaluation. And it is defined at the connector level.

 

3: it would have to be using a cross app ruleset. Let me check and get back if both internal and external can be done at the same time.

rushikeshvartak
All-Star
All-Star

1. In case the end user request for entitlements specifc to SAP system only, at that time can saviynt perfom SOD evaluation directly with SAP GRC? Yes if external risk connection attached to security system

2. In case the end user request for entitlement specific to Non SAP System, we can build the ruleset and EIC should be able to run SOD only for internal SOD Evalaution?

yes you can have internal as well as external sod calculation in same request make sure workflow is updated accordingly 

3. In case the request is made up of conflicting entitlement between SAP and non SAP system, how this would be managed?

this will be based on ruleset if your internal saviynt ruleset prepared with sap vs non sap entitlement it will show sod. Sap grc is purely for sap roles & tcodes 

4. For the request where the ent is only specific for SAP based system and if any conflict is detected how the mitigation would be handled? Currently you can’t attach any mitigation control for external sod once sod is detected you can assign to sod reviewer group and they will apply mitigation control in grc not in saviynt.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.