top of page
Writer's pictureSeema Iyer

Introduction to SAP Certified Application Associate - SAP BusinessObjects Access Control 10.x Exam

Updated: May 23, 2019

BusinessObjects Access Control (C_GRCAC_10) preparation guide helps you to get focused on exam. This guide also helps you to be on C_GRCAC_10 exam track to get certified with good score in the final exam.

C_GRCAC_10 BusinessObjects Access Control Exam Summary


Exam Name: GRC AC

Exam Code: C_GRCAC_10

Level: Associate

Exam Price: $550 (USD)

Duration: 180 mins

Number of Questions: 80

Passing Score: C_GRCAC_10 - 66%

Reference Books: GRC100, GRC300

Schedule Exam: SAP Training OR Pearson VUE


Exam Syllabus: C_GRCAC_10 SAP Certified Application Associate - SAP BusinessObjects Access Control 10.x


1. MSMP workflow configuration (> 12%)

Maintain paths and stages. Customize MSMP workflow. Maintain rules. Generate versions. Maintain agents. Maintain notification variables and templates.

Books: GRC300


2. User provisioning configuration (> 12%)

Configure settings to provision users. Configure provisioning and field mapping. Configure end user personalization form. Create and copy requests for user access and organizational assignments. Configure parameters for periodic access review requests. Configure password self-service.

Books: GRC300


3. Access Risk Management setup (> 12%)

Configure Access Risk Analysis. Maintain risks and critical access rules. Define shared master data. Guide customer to recognize and remediate risks. Create mitigating controls and assignments based on customer requirements. Configure and track audit trails.

Books: GRC300


4. Business Rules Framework setup (> 12%)

Define workflow-related MSMP rules. Create business rules in the Business Rule Framework (BRF). Create a BRFplus Initiator Rule. Create a BRFplus Agent Rule. Create a BRFplus Routing Rule.

Books: GRC300


5. Common GRC settings configuration (8% - 12%)

Configure shared Access Control settings. Synchronize objects in the Access Control repository. Schedule and view background jobs. Activate Business Configuration (BC) sets.

Books: GRC100, GRC300


6. Role definition and management (8% - 12%)

Configure role methodology. Map roles to authorize access to specific application functions. Create business roles to group related roles. Perform Role Mass Maintenance operations. Use role mining to consolidate roles.

Books: GRC300


7. Emergency Access Management setup (8% - 12%)

Configure Emergency Access Management settings. Set up Access Control scheduled jobs. Plan for emergency access. Set up critical firefighting roles and assignments based on customer requirements. Guide customer on how to monitor emergency access.

Books: GRC300


8. Integration Framework configuration (< 8%)

Create and maintain connectors. Configure shared GRC settings.

Books: GRC100, GRC300


SAP C_GRCAC_10 Certification Sample Questions and Answers


To make you familiar with BusinessObjects Access Control (C_GRCAC_10) certification exam structure, we have prepared this sample question set. We suggest you to try our Sample Questions for BO GRC C_GRCAC_10Certification to test your understanding of SAP C_GRCAC_10process with real SAP certification exam environment.


C_GRCAC_10BusinessObjects Access Control Sample Questions:-


01. How do you enable manual provisioning in Access Control?

Note: Please choose the correct answer.


a) Maintain the relevant plug-in settings.

b) Maintain the relevant global settings.

c) Maintain the end-user personalization form.

d) Maintain the "Override Assign Type" MSMP task setting.


02. Your customer wants to eliminate false positives from their risk analysis results. How must you configure Access Control to include organizational value checks when performing a risk analysis?

Note: There are 2 correct answers to this question.


a) Configure organization rules for each relevant function.

b) Update the functions that contain each relevant action by activating the fields for the required permissions and maintaining a value for each specific organization.

c) Configure organization rules for each relevant risk.

d) Update the functions that contain each relevant action by activating the fields for the required permissions.

e) Configure organization level system parameters to incorporate all organization levels for each relevant risk.

03. You want request details to be sent to specific users automatically using a custom notification. What do you have to do to enable this?

Note: There are 2 correct answers to this question.


a) Assign a document object to a message class.

b) Enable e-mail reminders for the required users.

c) Define a stage in MSMP workflow.

d) Define a notification message using the required variables.


04. You have created a new end-user personalization (EUP) form. Where can you make use of this EUP form?

Note: There are 2 correct answers to this question.


a) In a stage configuration of a workflow

b) In an organizational assignment request

c) In a template-based request

d) In a model user request


05. Which of the following objects can you use as an agent type to define approvers assigned to a workflow stage in MSMP workflow?

Note: There are 3 correct answers to this question.


a) PFCG User Groups

b) GRC BAPI Rules

c) User Group for Authorization Check

d) Directly Mapped Users

e) PFCG Roles


06. Where can you define a mitigating control?

Note: There are 3 correct answers to this question.


a) In the mitigating controls workset in Access Control

b) In the rule setup in Access Control

c) In the Access Control risk analysis result screen

d) In the central process hierarchy in Process Control

e) In the activity setup in Risk Management


07. What information is mandatory when you define an initiator or routing rule in the Maintain Rules work area?

Note: Please choose the correct answer.


a) Rule Result Value

b) Notification Variable

c) Route Mapping

d) Variable Description


08. Which report types require the execution of batch risk analysis?

Note: There are 2 correct answers to this question.


a) Ad-hoc risk analysis reports

b) Offline risk analysis reports

c) User level simulation reports

d) Access rules detail reports

e) User and role analysis dashboards


09. You have created a connector to use Access Control for access request management.What does SAP recommend regarding the assignment of integration scenarios to this connector?

Note: Please choose the correct answer.


a) Assign the Provisioning (PROV) integration scenario to the connector.

b) Assign all four Access Control integration scenarios to the connector.

c) Assign the Role Management (ROLMG) integration scenario to the connector.

d) Assign the Authorization Management (AUTH) integration scenario to the connector.


10. You want to assign an owner when creating a mitigating control. However, you cannot ind the user you want to assign as an owner in the list of available users. What could be the reason?

Note: Please choose the correct answer.


a) The user is already assigned as an owner to another mitigating control.

b) The workflow for creating a mitigating control has not yet been approved.

c) The user is locked.

d)The user has not been assigned as an owner in the organizational hierarchy.


Solutions:


QUESTION: 01- Answer: b

QUESTION: 02- Answer: c, d

QUESTION: 03- Answer: a, d

QUESTION: 04- Answer: a, c

QUESTION: 05- Answer: a, d, e

QUESTION: 06- Answer: a, c, d

QUESTION: 07- Answer: a

QUESTION: 08- Answer: b, e

QUESTION: 09- Answer: b

QUESTION: 10- Answer: d

46 views0 comments

Comments


bottom of page