cancel
Showing results for 
Search instead for 
Did you mean: 

How to add regulations?

Former Member
0 Kudos

Hi all,

I think in my system the regulations are not correctly installed. How can I verify it? How can I add regulations?

On the other and in the screen GRC Process Control I'm not able to open any link, I tried to activate the role and the menu but there is no way to open it. You can the following picture:

Really thanks

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hi Sergio,

if you had done the steps, it should work.

My, you are making the same mistake as me.

The regulation will not be added directly.
You must assign your control on the part of the process or IELC.

Then assign to the part of the organization process.

I hope you now see your prescription.

Regards,

Harald

Former Member
0 Kudos

You first need to do all the required configuration for the regulation in the IMG.  There are quite a few things to setup first.  From the screenshot, it looks like the regulation is not configured properly in the back-end.  You can't create a regulation in the front-end until it exists in the back-end. 

0 Kudos

Hi Paul, hi everybody,
I successfully created a new Regulation named "D.Lgs.232".
The whole operation was not so simple, because the procedure is quite different between PC3.0 and PC10.0, and there is no specific documentation for PC10.

Having said that, I encountered a problem: I am only able to assign the new Regulation to some

Subprocesses, while I receive an error popup for other ones.

I am going to attach the screenshot in which I try to assign the new regulation "D.Lgs.231" to the Subprocess "01.01-Def. of requirements".

And after that, I am going to attach the popup error.

Does anybody know how is it possible to assign the Regulation only to some subprocesses?

Is there some subprocess specific configuration/setting, which can block a new regulation assignment?

Thank you very much.

Hope to win this Regulation War.

Regards.

Sergio

Former Member
0 Kudos

You can also assign regulations to organization.

What is the reason for wanting to block a new regulation assignment to a sub-process? Anyhow, isn't it much easier to accomplish your objective via authorizations assigned to the GRC admins and restricting their access?

0 Kudos

Hi T.,

as far as I know, in PC10 we can assign regulations to subprocess.

Once this is done, the regulation(s) are assignable both to Organization(s) and Control(s).

But the real problem here, is that I can correctly assign my new Regulation to some sub processes, while I cannot assign it to other sub-processes (error window).

Regards,

Sergio

Former Member
0 Kudos

What kind of error window do you get?

Did you check the SLG1 and ST22 log after you have performed the failed regulation assignment?

Former Member
0 Kudos

One possible source of the problem is inconsistency in your "valid from" date on all your objects.  The regulation, subprocess, organization, etc. should all have a consistent "valid from" date.  From the screenshots you have shared, it looks like that date is not the beginning of a reporting timeframe.  This is a frequent cause of the symptoms you are describing. 

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi Gabriele,

is it possible to add the standard regulations, which are delivered from SAP, to your controls? For example SOX or FDA?

Paul gives you a good introduction to create a new Multi Compliance Framework.

After that and for the standard regulation, you have to do these steps in GRC:

1) Create a regulation group in the NWBC

2) Create the regulation under this regulation group

3) Add this regulation to a subprocess

4) Add the regulation to a control. Only the regulations which are added to the subprocess are able to choose in the control

5) Add a subprocess to an organization -> the regulation from the control, is after this step also relevant for the organization.

Regards

Timo

0 Kudos

Hi Timo, hi everybody,

I have already written in this note (http://scn.sap.com/thread/3192985).

Our office is working since 4 years on a consolidated Process Control "structure" with only one regulation (SOX), a considerable set of organizations, processes, sub-processes and controls.


My main goal is:
1. create a new regulation;
2. associate some controls (currently only related to the SOX regulation), to the new regulation.

I created a new Regulation Group named "D.Lgs.231", but I am not allowed to create a new Regulation for this group, beacause there is no dropdown menu for the field "Assign Regulation Configuration" in the screen (as shown below) and PC says that "Saving data failed".

Am I doing something wrong?

Could anyone help me?

Thank you very much in advance.

Sergio

Former Member
0 Kudos

Hi IT Bentec,

Any chance to have any details or directions on how you solved this problem. I am currently struggling with exactly the same problem you had and still dont know how to find the solution. Been struggling with authorizations, BC Sets and the SPRO but no success.

Kind regards

Former Member
0 Kudos

The instructions for regulations are in the RKT material under multi-compliance framework (MCF).  The steps are as follows:

Make sure you have activated all the BC sets.

Use the model roles pre-delivered, or copy them.

In the IMG define subtypes for for regulation-specific attributes.

Configure compliance initiatives

Relate regulation to plan usage

Maintain regulation role assignment

Maintain roles to receive taks in workflow

One this is done in the IMG, then you can create the regulation in the front-ent