Wednesday 25 April 2018

SAP GRC Interview Questions

1.What is the use of  SAP GRC?

SAP Governance, Risk and Compliance solution enables organization to manage regulations and compliance and remove any risk in managing organizations key operations. As per changing market situation organizations are growing and rapidly changing and inappropriate documents, spreadsheets are not acceptable for external auditors and regulators.

2.What are the different activities that you can perform in SAP GRC?

SAP GRC helps organization to manage their regulations and compliance and you can perform following activities

  • Easy integration of GRC activities into existing process and automating key GRC activities.
  • Low complexity and managing risk efficiently.
  • Improve risk management activities.
  • Managing fraud in business processed and audit management effectively.
  • Organizations perform better and companies can protect their values.
  • SAP GRC solution consists of three main areas: Analyze, manage and monitor.

3.What are the different GRC modules you have worked on?


  • SAP GRC Access Control
  • SAP GRC Process Control
  • SAP GRC Risk Management
  • SAP GRC Audit Management
  • SAP GRC Fraud Management
  • GRC Global Trade Services

4.What are the key activities under SAP GRC Access Control?

To mitigate risk in an organization, it is required to perform risk control as part of compliance and regulation practice. Responsibilities should be clearly defined, managing role provisioning and managing access for super user is critical for managing risk in an organization.

5.How Process Control is different from Access Control in SAP GRC?

SAP GRC Process control is used to monitor task and reports in real time and you can generate compliance status of controls in place as per business processes and aligning business processes to perform risk prevention and mitigation.

6.What is the use of GRC Risk Management?

SAP GRC Risk management allows you to manage risk management activities. You can do advance planning to identify risk in business and implement measures to manage risk and allow you to make better decision that improves the performance of business.

7.What are the different types of Risk?

Risks come in many forms −

  • Operational Risk
  • Strategic Risk
  • Compliance Risk
  • Financial Risk

8.What is SAP GRC Audit management?

This is used to improve the audit management process in an organization by documenting artifacts, organizing work papers, and creating audit reports. You can easily integrate with other governance, risk and compliance solution and enables organizations to align audit management policies with business goals.

9.What is SAP GRC Fraud Management?

SAP GRC Fraud management tool helps organizations to detect and prevent frauds at early stage and hence reducing minimizing the business loss. Scans can be performed on huge amount of data in real time with more accuracy and fraudent activities can be easily identified.

10.What are the key capabilities of Fraud management module?


  • SAP Fraud management software can help organizations with following capabilities
  • Easy investigation and documentation of fraud cases.
  • Increase the system alert and responsiveness to prevent fraudent activities to happen more frequently in future.
  • Easy scanning of high volumes of transactions and business data.

11.What is Global Trade Services?

SAP GRC GTS software helps organizations to enhance cross border supply within limits of international trade management. It helps in reducing the penalty of risks from International Trade Regulation authorities.
It provides centralize global trade management process with a single repository for all compliance master data and content irrespective of size of an organization.

12.Is it possible to lock all the users at same time in SAP system?

Yes, using T-code: EWZ5

13.What is Authorization object and authorization object class?

Authorization objects are groups of authorization field that are used to regulate activities in SAP system. All the objects come under Authorization class and grouped by different functional areas like Finance, accounting, etc.

14.How do you perform user authorization in SAP system using GRC access control?

SAP GRC access control uses UME roles to control the user authorization in the system. An administrator can use actions which represents the smallest entity of UME role that a user can use to build access rights.
One UME role can contain actions from one or more applications. You have to assign UME roles to users in User management engine (UME).

15.What is UME and how it works?

User management engine (UME). When a user does not have access to a certain tab, the tab will not display upon user logon when user try to access that tab. When a UME action for a tab is assigned to that particular user, only then he will be able to access that function.
All available standard UME actions for CC tabs can be found in the tab “Assigned Actions” of the Admin User.

More about SAP GRC:

No comments:

Post a Comment