SAP Note 1243085 - Available Documentation for GRC Access Control

Version 28   Validity: 07.08.2014 - active   Language: English (Master)

Header Data

Released On: 07.08.2014 23:32:57
Release Status: Released for Customer
Component / Other Components:
  GRC-SAC-ARA Access Risk Management
  GRC-SAC-ARQ Access Request
  GRC-SAC-BRM Business Role Management
  GRC-SAC-CONF Configuration
  GRC-SAC-EAM Emergency Access Management
  GRC-SAC-REP Repository
  GRC-SAC-RPT Reporting
  GRC-SAC-UAR User Access Review
  GRC-SAC-UPG Installation & Upgrade
  GRC-SAC-WF Workflow
Priority: Recommendations / Additional Info
Category: FAQ

Symptom

Link to available GRC Access Control Documentation.

Other Terms

Access Control, Virsa, Risk Analysis and Remediation, Compliant User Provisioning, SuperUser Privilege Management, Enterprise Role Management, Compliance Calibrator, Access Enforcer, Firefighter, Role Expert, Documentation, Access Risk Management, Access Request, Emergency Access Management, Business Role Management

Reason and Prerequisites

Provide shortcuts to the available documentation.

Solution

Documentation is available in various areas of the SAP Ecosystem. This note is meant to provide an overview of where different information is stored. The four main documentation repositories are below. The type of documentation under each is described in the following sections.

1. Service Marketplace
2. help.sap.com
3. Business Process Expert Site (BPX)
4. SAP Notes

Service Marketplace

There are many pieces of information available on the SAP Service Marketplace. Below are the key areas where this information is stored:

- Release Notes. This includes the new features added in 5.3 (as compared to 5.2) and in 10.0 (as compared to 5.3). There are also documents for 5.2 but no customer should be implementing 5.2 at this time.
  https://service.sap.com/releasenotes
  Release Notes -> Analytics -> SMP-hosted Documents -> Governance, Risk, Compliance (GRC) -> SAP Access Control
- Master, Installation, Upgrade, Configuration and Security Guides. Guides are available for 4.0, 5.1, 5.2, 5.3 and 10.0.
  https://websmp203.sap-ag.de/support
  Release & Upgrade Info > Installation & Upgrade Guides > Analytics > Governance, Risk, and Compliance -> Access Control
  From there, choose the version of the application you're using.
- Support pack schedule. This will show the planned dates of when support packs are scheduled to be released for 4.0, 5.2 and 5.3.
  https://service.sap.com/ocs-schedules
  GRC Access Control Support Package Schedule
- Product Availability Matrix. This location will show the maintenance dates for our various product versions. These are the dates through which the application version will remain supported by SAP GRC Support.
  https://service.sap.com/~form/handler?_APP=00200682500000002212&_EVENT=DISPLAY
  Search for Access Control and click on Search in PAM. This will display the 5.3 and 10.0 maintenance dates. Search for Firefighter and this will give you maintenance dates for 4.0 and 5.2. Once you select a version, click on the Languages tab and you can see what languages are supported for each version of our product.
- Sizing Guide. This provides an overview of how best to size the GRC Access Control hardware for optimum performance. The link below is specific to version 10.0.
  https://service.sap.com/~sapidb/011000358700000435122007E

help.sap.com

Beginning with Access Control 5.3, the information contained in the User Guides previously stored on the Service Marketplace has been moved to the SAP Help Portal. The exact link is below:
http://help.sap.com/saphelp_grcac53/helpdata/en/45/92c7fa00494714a4162ad707d9b328/frameset.htm
This is similar to the Help for other application components of SAP. In addition to GRC 5.3, 10.0 and 10.1 specific help is also available on help.sap.com:
http://help.sap.com/grc-ac?current=grc-ac101&show_children=false

Business Process Expert

Below is the link for Business Process Expert website.
This website holds many Quick Reference Guides and other How-to documents.
http://scn.sap.com/community/grc

Below are the Key Topic areas:

1. SAP BusinessObjects Access Control
2. SAP BusinessObjects Process Control
3. SAP BusinessObjects Risk Management
4. SAP BusinessObjects Global Trade Services
5. SAP Environment, Health, and Safety (EH&S)
6. SAP and Financial Excellence
7. SAP Fraud Management, powered by SAP HANA

Under All Articles on Governance, Risk and Compliance (Access Control)

This website is constantly being updated. The items listed below are just the key documents out there, but there are many others and more will continue to be added. This Note will only be for Access Control related topics.

Under Key Topics - SAP BusinessObjects Access Control 10.0

- GRC 10.0 Pre-Installation (PDF 1 MB)
  The presentation explains the new architecture and the necessary prerequisites for a successful installation of SAP BusinessObjects GRC 10.0 and guides the reader through the installation procedure of the software.
- GRC 10.0 Post-Installation (PDF 673 KB)
  The presentation explains the necessary post-installation steps in SAP BusinessObjects GRC 10.0.
- AC 10.0 Post-Installation (PDF 566 KB)
  The presentation covers the basic steps required for setting up SAP BusinessObjects GRC 10.0. For setting up specific functionality please refer to the corresponding pre-implementation guide.
- AC 10.0 - Installation Checklist (PDF 580 KB)
  This guide provides a checklist for your installation activities for the Access Control 10.0 application.
- AC 10.0 Pre-Implementation From Post-Installation to First Risk Analysis (PDF 709 KB)
  This document allows implementation consultants and administrators to set up the required functionality for running a user level risk analysis after the post-installation has been finished.
  This is by no means a comprehensive guide for setting up the Access Risk Analysis component; rather, it allows testing that the application is working properly by setting up a basic test case.
- AC 10.0 - Enhanced Access Risk Analysis
  This document describes the major enhancements to the access risk analysis capability of GRC, including end user customization and personalization. It covers how to navigate through the different reports, as well as new functionality such as new bulk maintenance, automation, audit trail, and mitigation options.
- AC 10.0 Pre-Implementation From Post-Installation to First Emergency Access (PDF 631 KB)
  This document allows implementation consultants and administrators to set up the required functionality for running an emergency access (firefighter) session after the post-installation has been finished. This is by no means a comprehensive guide for setting up the Emergency Access Management component; rather, it allows testing that the application is working properly by setting up a basic test case.
- AC 10.0 - Centralized Emergency Access (PDF 1 MB)
  This document is a detailed guide on the emergency access capability of Access Control 10.0. It explains the basic concepts of emergency access and provides details on how to configure the application. This document also includes additional information on the types of logs available for monitoring emergency accesses.
- AC 10.0 Pre-Implementation From Post-Installation to First Role Creation (PDF 814 KB)
  This document allows implementation consultants and administrators to set up the required functionality for creating a single role in AC after the post-installation has been finished. This is by no means a comprehensive guide for setting up the Business Role Management component; rather, it allows testing that the application is working properly by setting up a basic test case.
- AC 10.0 - Business Role Management (PDF 3 MB)
  This document allows implementation consultants and administrators to set up the required functionality for creating roles in AC after the post-installation has been finished. This guide provides the configuration steps for setting up Business Role Management.
- AC 10.0 Pre-Implementation From Post-Installation to First Access Request (PDF 736 KB)
  This document allows implementation consultants and administrators to set up the required functionality for creating an access request after the post-installation has been finished. Please note that it is required to configure Role Management before being able to request role assignments. This is by no means a comprehensive guide for setting up MSMP workflows; rather, it allows testing that the application is working properly by setting up a basic test case.
- AC 10.0 - Customizing Workflows for Access Management (PDF 1 MB)
  This document allows implementation consultants and administrators to set up the required functionality for enabling the workflow engine in AC 10.0. You will learn the main components of the new workflow engine and how to customize them, as well as how to create agents and initiators using Function Modules and BRFplus.
- AC 10.0 - How to Customize Notification Templates for AC Workflow (PDF 827 KB)
  This how-to guide explains how to set up the SAPconnect communication interface in your application server in order to send out email notifications triggered by workflow events in Access Control 10.0. This guide provides a comprehensive overview of workflow events that can trigger email notifications and notification variables used to populate the message bodies with information that is specific to each request. The guide also explains how the pre-delivered message bodies can be replaced by custom messages as well as how email reminders are set up.
- AC 10.0 - Managing Custom Fields for Access & Role Management (PDF 317 KB)
  This document explains how to set up the required functionality for adding custom fields to access requests and roles maintained in GRC 10.0.
- AC 10.0 - End User Personalization (PDF 895 KB)
  This how-to guide explains the End User Personalization concept in Access Control 10.0 and the technical configuration to attain that functionality.
- AC 10.0 Performing Segregation of Duties Reviews (PDF 1 MB)
  This how-to guide explains the Segregation of Duties Review concept and the technical configuration to attain that functionality.
- GRC 10.0 Integration Guide and NetWeaver Identity Management
- SAP Access Control 10.0 Interface for Identity Management (PDF 646 KB)
  These documents cover all the new web services for Access Control 10.0 and integration scenarios with IDM solutions. The main foundation for this integration is NetWeaver Identity Management 7.2.
- SAP BusinessObjects GRC 10.0 Integration Guide - Access and Process Control 10.0 (PDF 1 MB)
  With the release of GRC 10.0, Access Control and Process Control are offered as an integrated solution, both at the data layer and at the user interface layer. This new unified platform enables increased harmonization of key master data. Organization and process and control structures can now be shared across components of Access Control and Process Control, which supports a more integrated approach to governance, risk, and compliance. For example, access risks identified in Access Control can be mitigated using controls managed by Process Control. This document details methods for harmonizing data across Access Control and Process Control.
- Risk Terminator Configuration (PDF 480 KB)
  This how-to guide shows how to set up risk terminator to validate new roles and assignments.

Under Key Topics - SAP BusinessObjects Access Control - SAP GRC Access Control 5.3:

- Getting Started with GRC Access Control
  This page provides an overview of GRC Access Control. To maintain compliance with current and future regulations, organizations must implement a sustainable, automated solution that provides end-to-end automation for detecting, remediating, mitigating, and preventing access and authorization risk across the business.
- GRC Access Control - Access Risk Management Guide (PDF 268 KB)
  The access risk management guide helps you set up and implement risk identification and remediation with GRC Access Control.
- GRC Access Control - Comprehensive, Cross-Enterprise Analysis, Remediation, and Prevention of Access Risk (PDF 343 KB)
  Take an in-depth look at how SAP GRC Access Control - part of SAP solutions for Governance, Risk, and Compliance - is helping organizations close gaps in access risk. This broad access and authorization solution extends from design time through runtime to ensure compliance to segregation of duties.
- Tour the Five Building Blocks of SAP NetWeaver Security (1 hour 1 minute)
  This e-learning session provides an introduction to user management, trust management, secure system management, application security, and auditing.
- The Three C's of SAP Identity Management - Centralization, Certified Partners and Compliance (PDF 407 KB)
  One of the fundamentals of securing an SAP system landscape is user identity management. This SAP Insider article discusses maintaining strict control over the creation, authorization, and deletion of user identities, which is imperative for securing company data.
- J-SOX Insights (PDF 117 KB)
  "J-SOX" is an unofficial term that refers to the Japanese requirements similar to Sarbanes-Oxley Act Section 302 (management certification) and Section 404 (management evaluation and report on internal controls) in the USA. This FAQ about J-SOX appears here with the permission of Protiviti.
- J-SOX Flash Report (PDF 75 KB)
  Information on Japanese compliance legislation as of November 2006. This report appears here with the permission of Protiviti.
- How to Performance Optimize SAP GRC Access Control 5.3 (PDF, 303 KB)
  The guide provides an overview of the technical architecture of SAP GRC Access Control 5.3 and a structured list of recommendations and preferred practices for performance optimization.
- SAP GRC Access Control 5.3 - Pre-Installation - Voice Over (FLASH 20,869 KB)
  This eLearning session explains the necessary prerequisites for a successful installation of SAP GRC Access Control 5.3 and guides the reader through the installation procedure of the software.
  Underlying presentation: SAP GRC Access Control 5.3 - Pre-Installation (PDF 923 KB)
- SAP GRC Access Control 5.3 - How To - Apply Support Packages in AC5.3 - Voice over (FLASH 7,500 KB)
  The presentation explains the necessary steps for a successful installation of a Support Package in SAP GRC Access Control 5.3 and guides the reader through the procedure.
  Underlying presentation: SAP GRC Access Control 5.3 - HowTo - Apply Support Packages in AC5.3 (PDF 1,643 KB)
- SAP GRC Access Control - How To - Integrate GRC AC53 CUP and NW IdM (PDF 1.438 KB)
  This How-To guide explains the integration of SAP GRC AC 5.3 CUP and NetWeaver IdM 7.0.
- SAP GRC Access Control - Application Integration Documentation (PDF 514 KB)
  The purpose of this Quick Reference Guide is to provide best practices and instructions on how to integrate the application capabilities of Access Control (rel. 5.2) that are also known as Access Enforcer (AE), Compliance Calibrator (CC) and Role Expert (RE).
- SAP GRC Access Control 5.3 - Post-Installation - RAR - Voice over (FLASH 17,337 KB)
  This eLearning session outlines necessary post-installation steps for the implementation of risk analysis and remediation in SAP GRC Access Control 5.3.
  Underlying presentation: SAP GRC Access Control 5.3 - Post-Installation - RAR (PDF 1,676 KB)
- GRC Access Control - Risk Analysis and Remediation (formerly Virsa Compliance Calibrator) Offline-Mode Risk Analysis (PDF 2,738 KB)
  Risk Analysis may be performed in offline-mode (aka remote risk analysis). The process helps in detecting SOD violations in an ERP system without having to connect online. Instead data from the ERP system is exported to files and subsequently imported to GRC Access Control by using the data extractor utility.
- Background Jobs for Risk Analysis and Remediation (PDF 345 KB)
  This document discusses the background jobs available in the context of using risk analysis and remediation in SAP GRC Access Control. Best practices on executing these jobs are given, e.g. the order in which background jobs should be executed, the difference between full synch mode and incremental mode.
- Organizational Rules and Organizational Level Reporting (PDF 2,807 KB)
  Use this Quick Reference Guide to understand and create Organizational Rules and perform organization level reporting.
- Periodic Job Processing for Risk Identification and Remediation (PDF 134 KB)
  SAP's solutions for Governance, Risk, and Compliance comprise GRC Access Control, an application that handles sustainable prevention of Segregation of Duties violations. This Quick Reference Guide for periodic job processing applies to the system's capability for risk analysis and remediation.
- Post-Installation Tasks for Risk Identification and Remediation (PDF 105 KB)
  This Quick Reference Guide for post-installation tasks applies to the system's capability for risk analysis and remediation.
- Creating Roles and Users in SAP NetWeaver User Management Engine (PDF 46 KB)
  This Quick Reference Guide describes the creation of roles and users in SAP NetWeaver User Management Engine (UME).
- Pre-Implementation Checklist for Risk Identification and Remediation (PDF 53 KB)
  This Quick Reference Guide for a pre-implementation checklist applies to the system's capability for risk analysis and remediation.
- SAP GRC Access Control 5.3 - Post-Installation - ERM - Part I - Voice Over (FLASH 17,122 KB)
  This eLearning session explains the required post-installation steps for enterprise role management in SAP GRC Access Control 5.3. This is a prerequisite to start customizing and implementation of their role management.
  Underlying presentation: SAP GRC Access Control 5.3 - Post-Installation - ERM - Part I (PDF 668 KB)
- SAP GRC Access Control 5.3 - Post-Installation - ERM - Part II - Voice Over (FLASH 7,355 KB)
  This eLearning session runs through typical implementation steps of enterprise role management in SAP GRC Access Control 5.3. It explains how roles may be created. Projects may apply a different methodology.
  Underlying presentation: SAP GRC Access Control 5.3 - Post-Installation - ERM - Part II (PDF 506 KB)
- SAP GRC Access Control 5.3 - Post-Installation - CUP - Voice Over (FLASH 14,607 KB)
  This eLearning session outlines necessary post-installation steps to enable compliant user provisioning in SAP GRC Access Control 5.3. Completing the required post-installation tasks makes it possible to start customizing and implementing individual workflows.
  Underlying presentation: SAP GRC Access Control 5.3 - Post-Installation - CUP (PDF 635 KB)
- Configuring LDAP connector in compliant user provisioning (PDF 243 KB)
  When implementing compliant user provisioning in GRC Access Control the system is typically linked to an LDAP repository. This paper outlines the configuration of the LDAP connector and provides sample mappings for Active Directory, SunOne, E-Directory, and Tivoli.
- SAP GRC Access Control: Compliant user provisioning goes Identity Management (PDF 1.19 MB)
  According to Gartner, Governance, Risk, and Compliance (GRC) is the ultimate driver for today's identity management projects. SAP GRC Access Control has the technology to provide customers with a cross ERP-platform solution for compliant user provisioning and at the same time provides an open API/interface for existing identity management vendors to integrate seamlessly with SAP GRC Access Control for an end-to-end user, role and rule provisioning solution.
- Configuring Requestor Landing Page for Compliant User Provisioning (PDF 220 KB)
  The purpose of this article is to provide the procedure required to customize the requestor landing page, i.e. the request types on the request access screen in compliant user provisioning in SAP GRC Access Control.
- Configuring Compliant User Provisioning into CUA Systems (PDF 457 KB)
  For GRC Access Control to be able to perform user provisioning into Central User Administration (CUA) systems, certain special configurations related to compliant user provisioning (formerly Virsa Access Enforcer) need to be done. This article outlines the configuration procedure for provisioning to work with CUA systems. The paper also discusses troubleshooting.
- Compliant User Provisioning Quick Reference Guide (QRG): Risk Analysis URI Configuration (PDF 280 KB)
  SAP GRC Access Control - part of SAP solutions for Governance, Risk, and Compliance - is helping organizations close gaps in access risk. This guide indicates how to link the application's capability for compliant user provisioning with the application's capability for risk analysis and remediation.
- Compliant User Provisioning QRG: HR Triggers (PDF 393 KB)
  Compliant user provisioning may be triggered by SAP's human resource application. This quick reference guide outlines how to set up that HR link.
- SAP GRC Access Control 5.3 - Post-Installation - SPM - Voice Over (FLASH 12,053 KB)
  This eLearning session outlines post-installation tasks that are a prerequisite for the implementation of superuser privilege management in SAP GRC Access Control 5.3. The session explains how to effectively set up superuser privilege management in SAP backend systems and enable the Java reporting component, which allows for centralized access to log reports in multiple SAP backend systems.
  Underlying presentation: SAP GRC Access Control 5.3 - Post-Installation - SPM (PDF 1,169 KB)
- SAP GRC AC 5.3 Integrated Project Plan Article (PDF 88 KB)
  The integrated Access Control project plan contains steps to be performed in the implementation of Access Control. The steps and task durations represent a basic implementation and may be modified to suit a company's project.
  10 Dec 2008
- SAP GRC AC 5.3 Implementation Considerations for Enterprise Role Management Article (PDF 180 KB)
  This document provides a quick reference guide to understand the main features, business benefits, and implementation best practices of Access Control 5.3's capability for enterprise role management.
  01 Dec 2008
- SAP GRC AC 5.3 Implementation Considerations for Superuser Privilege Management Article (PDF 151 KB)
  GRC Access Control identifies and prevents access and authorization risks in cross-enterprise IT systems to prevent fraud and reduce the cost of continuous compliance and control. This document discusses the key features of Superuser Privilege Management. It also provides scenarios to assist project teams in deciding whether to implement role-based or ID-based firefighting.
  01 Nov 2008
- SAP GRC Access Control: Migration/Upgrade to Release 5.2 (PDF 1.2 MB)
  As of GRC Access Control release 5.2 all Access Control capabilities are bundled into one software package. It is therefore neither recommended nor supported to upgrade individual capabilities.
  This guide provides information for existing GRC Access Control customers upgrading their existing implementations from release 4.0 or release 5.1 to release 5.2.
- SAP GRC Access Control 5.2 - Pre-Implementation Guide (PDF 1,265 KB)
  This guide provides guidelines and best practices for the pre-implementation of SAP GRC Access Control. Pre-implementation is the process of understanding customer requirements. It helps to lay a firm groundwork for successful implementation of the application. The guide outlines the different steps of the process and describes some of the factors that influence performance and hardware requirements.
- GRC Access Control - Risk Analysis and Remediation (Release 5.2): Quick Reference Guide for Moving to Production (PDF 192 KB)
  Moving GRC Access Control from a development/testing environment to production requires populating data in the production version so that risk analysis can be performed and management views are available.
- Delta Quick Reference Guide 5.1/5.2 for Risk Analysis and Remediation (PDF 61 KB)
  This Delta Quick Reference Guide outlines high-level differences between release 5.1 and release 5.2.
- SAP GRC Access Control 5.2 implementation guide for enterprise role management (PDF 91 KB)
  GRC Access Control identifies and prevents access and authorization risks in cross-enterprise IT systems to prevent fraud and reduce the cost of continuous compliance and control. This paper provides a quick reference guide to understand the main features, business benefits, and implementation best practices of the application's capability for enterprise role management (formerly known as Virsa Role Expert).

Under All Articles on Governance, Risk and Compliance:

Link - https://www.sdn.sap.com/irj/scn/articles-grc-all
This link will show all the GRC articles from all areas in the Business Process Expert website.

SAP Notes

Corrections to documentation or additional information can also be stored as SAP Notes.
You can use the SAP Note Search function to identify whether the issue you encounter has an SAP Note. Below are some key SAP notes relevant to providing additional information and documentation about Access Control. This is just an example of some of the SAP Notes available. You may perform an SAP Note search on the Service Marketplace for component GRC* to see all of the SAP Notes released.

1085097  Lead Approver radio button not checked in Role Upload
1134833  AE5.2 - Mass Copy of Requests limitation
1035063  5.X - Setting up Blanket Mitigation Controls
1055976  Firefighter 5.2 - Unable to run the SoD analysis report
1145700  Risk Analysis not recommended for multi-user change requests
986996   Best Practice for SAP CC Rules and Risks
1178372  Risk Analysis and Remediation - Cross and Logical systems
1178370  Risk Analysis and Remediation - Table sizes
1179717  Risk Analysis and Remediation - Management Reports

The following OSS Notes have been produced on specific BI related issues:

1155096  Master Data Process Chain failure
1155095  Alert Header DSO refresh required in process chain
1155468  Alert Details (0GCC_ALD) InfoCube Start Routine fails
1155469  InfoPackage Date Selection in Delta Processing
1155913  Error in deletion programs associated with delta processing
1229932  Duplicate data records in CUP language dependent text DTPs
1170897  Permission Violations Delta Deletion Programs Generation

Related Wiki page: Governance, Risk, and Compliance (GRC) How-To Guides

Validity

Software Component   From Rel.   To Rel.   And Subsequent
VIRCC                530.700     530.700
VIRAE                530.700     530.700
VIRRE                530.700     530.700
VIRFF                530.700     530.700
GRCFND_A             V1000       V1000

References

This document refers to:

SAP Notes
1673593  Updates to Customizing for GRC 10 Due to SP08
1647291  Access Control 10.0 SP08 Report Documentation Updates
1602186  GRC Access Risk Analysis tables
1369045  AC SP09 Data Mart Design Description
1261750  Upgrade Java Netweaver and GRC applications to AC 5.3
1153091  Role Expert Implementation Guide
1054121  The SAP Ecosystem in a Nutshell

This document is referenced by:

SAP Notes (7)
1369045  AC SP09 Data Mart Design Description
1602186  GRC Access Risk Analysis tables
1054121  The SAP Ecosystem in a Nutshell
1647291  Access Control 10.0 SP08 Report Documentation Updates
1261750  Upgrade Java Netweaver and GRC applications to AC 5.3
1673593  Updates to Customizing for GRC 10 Due to SP08
1153091  Role Expert Implementation Guide