The SAP GRC system has to be updated too, with new functionalities, solved issues and improvements.
Here's why you should think about updating this tool. Let's talk about SAP GRC Access Control.
Let's start with a little bit of background history. SAP acquired the Virsa System company in 2006. This company developed a vertical compliance tool for SAP systems. Specifically for the analysis of the Segregation of Duties.
Since then, a series of modification in the product name happened, up until the current terminology, which is SAP Governance RIsk and Compliance
During the years also the product technology has changed. From originally having the ABAP language (release 4.0) to the HAVA version in the 5.X releases up to the return to ABAP, via web, from the 10.X release until the latest 12.X.
Here is the date detail of the End of Maintenance:
The SAP GRC product is composed of two parts:
These two components must be installed in the same version (same Support Package - SP), meaning that if I install the GRC 10.1 SP15 I will have to install the connected plug-in (on all SAP machines connected to GRC) in the same version.
The plug-in allows SAP GRC to exchange data with the connected backend systems.
Here's the state of the updates, meaning the latest support packages:
In this release the analysis support was introduced for the S/4HANA environment, for more details look at the S/4HANA and FIORI section.
Could we immagine to leave everything as is? This depends also from what SAP GRC Access Control modules are being used. Let's see the various characteristics:
The greater the update time between releases, the greater will the activities to do after the migration be. Once the update is done some manual actions could be necessary to adapt GRC's transaction data.