SAP GRC 12, upgrade

Posted by Andrea Mazzolani (translation) on Nov 18, 2022 12:00:00 AM

The SAP GRC system has to be updated too, with new functionalities, solved issues and improvements.

 

SAP GRC 12

 

Here's why you should think about updating this tool. Let's talk about SAP GRC Access Control.

What are the available releases for SAP GRC?

Let's start with a little bit of background history. SAP acquired the Virsa System company in 2006. This company developed a vertical compliance tool for SAP systems. Specifically for the analysis of the Segregation of Duties.

 

Since then, a series of modification in the product name happened, up until the current terminology, which is SAP Governance RIsk and Compliance

 

  • SAP Virsa, made up from the following modules
    • CC - Compliance Calibrator
    • FF - Firefighter
    • AE - Access Enforcer
    • RE - Role Expert
  • SAP Virsa GRC
    • RAR - Risk Analysis and Remediation
    • SPM - Super User Privilege Management
    • CUP - Compliant User Provisioning
    • ERM - Enterprise Role Management
  • SAP GRC
    • ARA - Access Risk Analysis
    • EAM - Emergency Access Management
    • ARQ - Access Request Management
    • BRM - Business Role Management

 

During the years also the product technology has changed. From originally having the ABAP language (release 4.0) to the HAVA version in the 5.X releases up to the return to ABAP, via web, from the 10.X release until the latest 12.X.

 

When will the different releases go out of maintenance?

Here is the date detail of the End of Maintenance:

  • SAP GRC 5.x: 31.12.2015
  • SAP GRC 10.0: 31.12.2020
  • SAP GRC 10.1: 31.12.2020
  • SAP GRC 12.x: 31.12.2024

 

What is the update stare of the most recent releases?

The SAP GRC product is composed of two parts:

  • The foundation, meaning the product itself
  • The plug-in (or RTA Real Time Agent in the older releases).

 

These two components must be installed in the same version (same Support Package - SP), meaning that if I install the GRC 10.1 SP15 I will have to install the connected plug-in (on all SAP machines connected to GRC) in the same version.

 

The plug-in allows SAP GRC to exchange data with the connected backend systems.

 

Here's the state of the updates, meaning the latest support packages:

  • SAP GRC 10.0, latest SP available 27 (September 2018)
  • SAP GRC 10.1, latest SP available 24 (April 2019)
  • SAP GRC 12, latest SP available 17 (July 2022)

 

What other releases exist?

  • SAP AC 12.0 FOR SAP S/4HANA

In this release the analysis support was introduced for the S/4HANA environment, for more details look at the S/4HANA and FIORI section.

 

Why should you update you SAP GRC system?

Could we immagine to leave everything as is? This depends also from what SAP GRC Access Control modules are being used. Let's see the various characteristics:

 

  1. This system too is subject to corrections and security patches, it therefore has to be updated
  2. If you use a risk analysis module and you intend to run an analysis in S/4HANA environments, you must update the system
  3. If you use a HANA database and want to use an emergency user to trace what's being done, EAM module, you must update the system
  4. If you want to benefit from the performance improvement of the system, you must update. Warning, in this case it depends, once more, on what modules you use
  5. Common errors corrections
  6. you must connect your systems to the cloud? Do you have hybrid SAP sceneries? Then you have to migrate to the release 12 of SAP GRC

 

The greater the update time between releases, the greater will the activities to do after the migration be. Once the update is done some manual actions could be necessary to adapt GRC's transaction data.

 

 

Topics: sap grc 12, sap access control

Subscribe Here!

Blog Aglea, cosa puoi trovare?

Ogni mercoledì pubblichiamo articoli, interviste e documenti relativi alla security SAP.

Cosa puoi trovare:

  • Suggerimenti su come mettere in sicurezza i sistemi SAP
  • Come fare a … (How To)
  • Checklist
  • Gli errori comuni che spesso vengono fatti in ambito Security SAP
  • Interviste con esperti del settore
  • Chi è AGLEA quale è la nostra vision security SAP

Recent Posts

Post By Topic

See all