Mass maintenance of mitigation controls is a new feature introduced in SAP Access Control 10.1. With this SAP solution, companies can maintain the mitigation control owners en masse. After you implement the mass maintenance of mitigation control feature, you can maintain the assignment of the owner for the mitigation control. You also can enable the additional feature to upload the owners into SAP Access Control. With the mass maintenance of mitigation controls feature you can perform the following tasks:

• Reassign mitigation owners
• Update existing assignments after the reorganization of a mitigation owner is completed
• Download existing mitigation owners to a file from SAP Access Control

After implementing the mass maintenance of risk owners feature, you can maintain the assignment of the owner for the risk. You can also enable the additional feature of uploading the owners from the file into SAP Access Control. With the mass maintenance of risk owners feature you can perform the following tasks:

• Reassign the risk owner
• Update the existing assignments after reorganization of the risk owner is completed
• Download existing risk owners, update the file, and upload it

 

Mass Maintenance of Mitigation Control Owners

  Here is the step-by-step process to maintain the mitigation control owners. Log on to the SAP GRC system and type transaction code NWBC. In the screen that the system displays, go to Setup > Mitigating Controls (Figure 1). Click the Mass Maintenance of Mitigation Control Owners link. This action displays the screen in Figure 2. The wizard has four steps (Figure 2):

1. Search: The selection screen for selecting the mitigation control parameters
2. Edit: Change the owners or add the owners
3. Review: Review the changed content in a non-editable format.
4. Submit: Update data and check the status of the changed records

In Figure 2, enter the required fields for filtering the mitigation control data (for example, enter SAP* in the Mitigation Control ID field). Click the Search button to display the data based on the selection in the Results section of Figure 2. Select the required entries, as shown in Figure 3 and click the Next button. Now select the required entry, add the new owner, and click the Validate button as shown in Figure 4. After the system performs the validation, the status message is displayed with the required status as to whether the Owner is valid or not valid. The Action status is changed to Change status. You also have the option to import and export the mass data. To complete this step, click the Export button. (The Import and Export buttons perform the required data import and export to save the data.) Change the owner by pressing the F4 help key. You can now select one of three options in the E column (Figure 5): No Change (0), Change (1), Add (2). Once the changes are done save the file. Click the Validate button to validate the data and then click the Next button. Then the system imports the data. Click the Import button to import the data from the application and then click the OK button. The data validation is performed automatically and the required status and action columns are updated accordingly as shown in Figure 4. After you click the Import button and select the file, the data entered in the file is validated. Based on the data validation, the status is updated accordingly on the screen (for example, success or failure). In Figure 6 there is one more option to select multiple line items for which you want to assign a single owner. After you select the line items, click the Reassign button to display the pop-up screen in Figure 6. In this screen select the new owner by browsing in the New Owner field. Click the OK button to validate the data. Now click the Next button and go to the Review screen to see the results shown in Figure 7. Here the data that is updated can be viewed in a non-editable format. Click the Next button and go to the Submit screen to see the actual data change in SAP Access Control mitigation controls (Figure 8). In this screen, the actual number of records is displayed.  

Mass Maintenance of Risk Owners

  To maintain the risk mitigation owners, log on to GRC system and type transaction code NWBC. Go to Setup > Access Rule Maintenance > Access Risk Owners Mass Maintenance (Figure 9). Click the Access Risk Owners Mass Maintenance link. In the screen that the system displays, enter the required selection parameters to filter the data for the maintenance. Click the Search button to display the data based on the selection in the Results section of Figure 10. Select the required entries and click the Next button (Figure 10). Select the required entries and assign the new owner by clicking the Reassign button (Figure 11). Select the owner from the list under the New Owner ID column and click the Validate button to validate the new owner’s data. You also have an option to export the data by clicking the Export button. Perform the required changes by adding the new owners and then upload the data by clicking the Import button. After the system validates the new owner’s data, the required status information is updated in the Status Message column along with the owner status (i.e., whether the owner is valid or not) as shown in Figure 12. Click the Next button to view the reassigned risk owners in the Review screen (Figure 13). Figure 13 shows the changed success records data status in non-editable format. After you review the data for the reassigned risk owners, click the Next button to see the final data updated in SAP Access Control (Figure 14). Figure 14 shows the actual data that was updated successfully in SAP Access Control. This screen provides the detailed status of the records selected and records changed.