What is the difference between ECC security and RAR security when GRC (RAR<S

What is the difference between ECC security and RAR security
when GRC (RAR<SPM<CUP) is used, when similar functionality can
be performed SAP R3 level(ECC)?

Question Posted / guest

2 Answers
11487 Views
ADP, Baidu, I also Faced
E-Mail Answers

Answers were Sorted based on User's Feedback

What is the difference between ECC security and RAR security when GRC (RAR<SPM<CUP) is used, ..

Answer / itsgaurav151

The things ECC security and RAR security are different. ECC
is a system whereas RAR is a tool. ECC security involves
securitg data, t-code access, report access and maintaining
the suthorizations. RAR(Risk analysis and Remediation) is a
tool that is used for analysis of risk analysis and its
remeduation as name suggests. Rhis tool determines all
potential risks that arises if a t-code/object/role/auth is
assigned to a user. Also this tool helps to remediate that
risk using mitigation technique.

Is This Answer Correct ?

6 Yes

1 No

What is the difference between ECC security and RAR security when GRC (RAR<SPM<CUP) is used, ..

Answer / rahman shaik

Simply we can say one thing like In Ecc system you cant find any risk while assigning the roles but in RAR tool it will check the RISK of that particular assignment and if risk is their then we can mitigate and simulate to that risk

I mean its purely for SOD(segregation of duties)

Is This Answer Correct ?

4 Yes

0 No

Post New Answer

More SAP Security Interview Questions

whts the differents between SoX ,SoD??????wht kind of work Sox do as wel .....SoD do? whts is virsa??????? and VRAT,,,,VFAT,, how it workin security.

3 Answers IBM,

1) Explain me about your SAP Career? 2) Tell me your daily monitoring jobs and most of them you worked on? 3) which version of SAP are you working on? Is it a java stack or abap stack? 4) Tell me about derived role? 5) what is the main difference between single role and a derived role 6) Does s_tabu_dis org level values in a master role gets reflected in the child role?? 7) Tell me the steps to configure CUA? 8) Is RAR a java stack or Abap Stack? 9) What is the report which states the critical T-codes? and also What is the T-code? 10) What is the T-code to get into RAR from R/3? 11) Explain about SPM?

2 Answers TCS,

what is the difference between PFCG,PFCG_TIME_DEPENDENCY&PFUD???

3 Answers IBM,

What are su10 t-codes used for?

1 Answers

what is the significance of parameter id and user group?

1 Answers TCS,

This is in continuataion to the previous question. a user is assigned with tcode SA38.how to restrict him to execute only a few reports,say rsusr003.If you're going to modify the role(having sa38) assigned to the user,that will affect other users also because that role might be assigned to multiple users.I don' want that to happen.so what is the solution?

5 Answers iGate,

Could any one tell me "What is critical authorizations in sap security"?

6 Answers Accenture,

What is diffrence to add tcode in Menu tab(PFCG)and in S_TCODE object?

6 Answers IBM,

What is the main purpose of Parameters, Groups & Personalization tabs in SU01 and Miniapps in PFCG? thanks in advance

1 Answers HCL, Infosys,

What does the account assessment category specify in a purchasing requisition in SAP Materials Management?

0 Answers

hi , can any one say what is the exact use of SNC TAB IN SU01,IF IT IS EXTERNAL SECURITY PURPOSE ,WHAT KIND OF SECURITY PURPOSE?

2 Answers

What is difference between user master record and user buffer

1 Answers IBM,

For more SAP Security Interview Questions Click Here