A new version of the Virsa tool set which comprises of a number of applications, the latest versions of which all run on a Java Netweaver Application Server, giving an authoritative source of access data that should be provided to a user with the SAP Solution.
Compliance Calibrator is a repository for the definition of risks within a business. It then allows for checking against this list of defined risks for assignment of segregation of duties violations, or the execution of the defined risks with the SAP solution landscape. With integrated reporting and alerting, it provides the control engine of the GRC suite.
This tool provides the frontend of the GRC suite and access to a workflow based provisioning engine, allowing users to request changes in their own access, which is workflowed for approval and actioned based upon the risks defined in Compliance Calibrator.
Applies the rigorous naming conventions and validations on creation of roles that help ease the management and reduce the risk of segregation of duties violations being created later. All roles are validated to check they are risk free before being created.
This allow the assignment of an "emergency user" to normal support users, giving them extended access for exceptional circumstances. There is notification associated with the use of this extended access and all activities are logged during its use to reduce the risk of unauthorised activities taking place.