C_GRCAC_12 Online Practice Questions and Answers

You are maintaining an initiator rule in MSMP Workflow. Which of the following must you specify?

A. Rule Result

B. Notification Variables

C. Rule Purpose

D. Global Process Initiator

What can you use a custom end-user personalization configuration for? Note: There are 3 correct answers to this question.

A. To assign it to the standard access request

B. To assign it to an access request template

C. To restrict a user's ability to approve their own requests

D. To determine fields shown in a workflow item

E. To determine roles that can be assigned on a request

You want to configure SAP Access Control to generate alerts to help manage compliance. What are the available alert capabilities that can be configured? Note; There are 3 correct answers to this question.

A. Identify a user who has executed a critical action and generate an email notification

B. Identify a user who has executed conflicting functions and open a support desk message

C. Identify a user who has executed conflicting functions

D. Identify a control monitor who has failed to execute defined reports in a timely fashion E. Identify a user who has executed a critical action and open a support desk message.

Which of the following reviewer options does User Access Review support?

A. Manager or Risk Owner

B. Manager or Role Owner

Which of the following is a prerequisite for scheduling a Role Usage Sync in SAP Access Control?

A. BOM Data Sync

B. Authorization Sync

C. IdM/IAG Role Import

D. Action Usage Sync

You want to generate a BRFplus Initiator Rule that utilizes an expression of type Decision Table for the SAP_GRAC_ACCESS_REQUEST MSMP Process ID.

Which rule types can you use?

Note: There are 2 correct answers to this question.

A. Class Based Rule

B. Function Module Based Rule

C. BRFplus Flat Rule

D. BRFplus Rule

Which of the following must be specified when defining a mitigating control? Note: There are 2 correct answers to this question.

A. Organization

B. Risk Approver

C. Report

D. Mitigation Monitor

SAP developed a three phase, six step SoD Risk Management Process for use when implementing

Access Risk Analysis.

Which of the following steps are a part of this process?

Note: There are 3 correct answers to this question.

A. Risk Recognition

B. Mitigation

C. Analysis

D. Role Building and Analysis

E. Rule Set Design

Which of the following are benefits of the role methodology in Business Role Management? Note: There are 2 correct answers to this question.

A. Is always the same for all roles

B. Enforce a process flow for role maintenance

C. Allows for the documentation of the role

D. Enforce a process flow for role assignment

Which of the following represent a valid Rule Kind when configuring MSMP Workflow? Note: There are 2 correct answers to this question.

A. Agent

B. ABAP Class

C. Notification Variable

D. BRFplus