Announcement:
wanna exchange links? contact me at sapchatroom@gmail.com.
Posted by
Admin at
Reply from Alex Ayers on Apr 9 at 1:51 PM Hi
1. It depends on your company & your skills. There is sufficient complexity to warrant some separation between teams for a large or complex implementation.
2. Quite simply of you do not know security well then you will be very bad at GRC. I will caveat that statement in that it is focused towards Access Controls.
Sec knowledge is a fundamental pre-req. I see all sorts of people try to become Access Controls experts where they don't understand security. They make lousy AC experts until they learn why they are implementing AC and what is behind it. I'll put it in even more straightforward terms, it is impossible to be competent at AC unless you are competent at security (technically & functionally). The same applies to Process Controls and Risk management.
Certification is a noble goal, far more important is learning what is behind it.
At risk of sounding biased, this book is awesome exam prep
http://www.amazon.co.uk/gp/aw/d/1481279157
| | | ---------------Original Message---------------
From: vanzieu
Sent: Wednesday, April 09, 2014 1:27 PM
Subject: SAP GRC Pre Reqs
Hello Security experts,
I want to know a little bit on SAP GRC and its role in SAP Security.
1) Are these two responsibilities segregated or SAP Security analyst has to handle SAP GRC as well?
My company wants me to get certified in SAP GRC.
2) What level of SAP Security knowledge is needed to learn SAP GRC or is there no need of any SAP Security knowledge?
Thanks in advance.
Van |
| Reply to this email to post your response. __.____._ |   _.____.__ |
