SAP developed a three phase, six step SoD Risk Management Process for use when implementing Access Risk Analysis.
Which of the following steps are a part of this process? Note: There are 3 correct answers to this question.
A. Risk Recognition
B. Mitigation
C. Analysis
D. Role Building and Analysis
E. Rule Set Design
Answer: A,B,E
The three-phase, six-step SoD (Segregation of Duties) Risk Management Process developed by SAP for implementing Access Risk Analysis includes the following steps:
A. Risk Recognition
B. Mitigation
E. Rule Set Design
Risk Recognition refers to the identification of potential risks. Mitigation refers to the strategies and actions taken to reduce or eliminate identified risks. Rule Set Design is about defining and establishing rules that manage identified risks.
Option C. Analysis, while an important aspect of risk management, is not specifically called out as one of the six steps in the SAP SoD Risk Management Process.
Option D. Role Building and Analysis, while part of the broader SAP security and governance process, is not specifically identified as a step in the three-phase, six-step SAP SoD Risk Management Process.
Latest C_GRCAC_13 Dumps Valid Version with 80 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund