WORK FROM Office
Location - PAN India
MODE - Hybrid
Exp 7+ Yrs mandatory
Job description
Seeking an experienced SAP GRC Consultant to support, manage, and enhance our SAP Governance, Risk and Compliance (GRC) environment. The ideal candidate will have hands-on experience in implementing and supporting SAP GRC modules, with a primary focus on Access Control (AC), Process Control (PC), and Risk Management (RM). The consultant will be responsible for ensuring that GRC processes and tools are optimized to support enterprise risk, compliance, and access governance activities.
Key Responsibilities
Access Control (AC)
Manage and support the following AC submodules:
o Access Request Management (ARM): Design and manage multi-stage workflows for user access requests, approvals, and provisioning across SAP
o Business Role Management (BRM): Maintain centralized role governance, define business roles, manage role lifecycle, and support business-role-based provisioning strategies
o Access Risk Analysis (ARA): Maintain and update the rule set and mitigation controls, regularly monitor critical access, and remediate risks in compliance with internal control frameworks and SoD Generation Reports
o Emergency Access Management (EAM): Manage firefighter ID, firefighter logs, and ensure appropriate usage tracking and review by controllers and maintenance
o User Access Review (UAR) Management: Automate periodic access reviews, coordinate campaign execution, and ensure timely access certification by business owners
o Segregation of Duties (SoD) Management: Maintain a robust rule set tailored to organizational policies; monitor and remediate SoD violations in collaboration with control owners and business teams
Maintain and update the rule set and mitigation controls
Coordinate periodic access review campaigns; support SoD and UAR
Facilitate role design and access provisioning workflows
Work with Access Control and GRC Team to ensure access controls are effective
Integration with SaaS and Third-Party Applications
Design and implement integrations between SAP GRC modules and SaaS applications, such as Identity & Access Management (IAM) platforms and cloud-based compliance management systems
Leverage SAP GRC connectors, web services, and APIs for integration with cloud and on-premises systems (e.g., SuccessFactors, etc.)
Support synchronization of user access data from external sources for consolidated risk analysis and user provisioning
Collaborate with security and integration architects to ensure data integrity, access governance, and compliance requirements are met across hybrid landscapes
Process Control (PC)
Configure and manage Waiver Management workflows, enabling exception approvals for control deficiencies and policy deviations in a controlled and auditable manner
Implement Root Cause Analysis (RCA) processes to identify systemic issues, log corrective/preventive actions (CAPAs), and track remediation efforts using predefined RCA templates
Collaborate with compliance teams to drive accountability and closure of waiver and RCA tasks within established timelines
Integrate PC waiver and RCA processes with controls and risk data in RM and AC modules to ensure holistic governance
Risk Management (RM)
Oversee the complete lifecycle of Risk Management: risk identification, risk assessment (qualitative and quantitative), response planning, monitoring, and reporting
Develop and maintain the risk register, ensure consistent use of risk taxonomies, and align risks to strategic objectives
Facilitate risk workshops and support risk owners in periodic assessments using SAP RM tools
Enable integration of RM with controls in PC and mitigation strategies in AC to create a comprehensive GRC ecosystem
Configure dashboards and reports for real-time risk monitoring and executive-level decision support