FACET_TM_SAP_GRC_PC_UserGuide_V006

Finance and Accounting Control Effectiveness 

SAP GRC PC User Guide 

SAP GRC PC User Guide, FME © Copyright

Version History 

Version Date Changes 

V002 

Control Evaluation Questionnaire added 

V003 08.12.2015 Modify OrgUnit, Process, Subprocess, Controls, and issues added 

V004 16.12.2015 Assign / add new control to subprocess 

V005 12.01.2015 Add Roll-Forward Certification; Modified CEQ 

V006 12.01.2015 Update RFC 

SAP GRC PC User Guide, FME © 1/12/2016 Page 2

The major activities in the current SOX-Timetable 

can be mapped to the aspired future FMC ICS Cycle 

Reporting to Group Corporate, Hard 

Close Reporting to the Audit and 

Corporate Governance Committee and 

Year-End Confirmation via email to 

Group Corporate 

5 Sign-off 

Yearly Risk Assessment 

Risk based Scoping Approach 

1. Risk Assessment 

& Scoping 

Remediation of deficiencies 

4. Remediation 

ICS Cycle 

3. Control 

Assessment 

2. Control 

Documentation 

& Implementation 

Process and documentation 

review incl. control updates 

and implementation of new 

controls Implementation of 

SAP process control 

Management Assessment 


ICS Software Solution to support the ICS Lifecycle 

Resulting objectives from the ICS Lifecycle support 

Support a corporate wide approach by providing regional local 

flexibility 

Provide the possibility to include all FMC control catalogues in 

order to provide transparency on the ICS 

Support the ICS-lifecycle and allow different testing 

approaches 

Consider usability and simplicity for the end-users 

Support the concept of control automation/ automated testing 

of effectiveness in order to lower manual work efforts by 

increasing security 


Table of Symbols 

Important/ 

Additional 

! 

information 

i 

 

Next page 

available 

Modify 

local Data 

Receive E-Mail 

Plan 

Assessment 

Back to Table 

of Content 

Reporting 

Role 

assignment 

Master Data 

/ Local Data 

Perform 

Assessment 

ICS Tool 

Miscellaneous 


Content Overview 

• Create an Organization 

• Create a Central Process 

• Create a Central Subprocess 

• Create a Central Control 

• Create Test Plan 

• Assign Test Plan to Central Control 

• Create a Central Risk Category 

• Create a Central Risk Template 

• Assign a Subprocess to an OrgUnit 

• Create Ad-Hoc Issue 

• Create Questions 

• Create Surveys 

• Plan Test of Effectiveness (ToE) 

• Plan Roll-Forward Certification 

• Plan Risk Assessment / 

Documentation Review 

• Plan Control Evaluation 

Questionnaire 

• Export report to Microsoft Excel 

• Planner Monitor 

• Risk and Control Matrix 

• Test Step Status 

• Assessment Survey Details 

• Report personalization 

Set up 

Master Data 

Assign User 

Maintain 

local Data 

Plan an 

Assessment 

Perform an 

Assessment 

Reporting 

• Assign an User to OrgUnit 

• Assign an User to Process / 

Sub & Control 

• Use Central Delegation 

• Modify OrgUnit 

• Modify Process 

• Modify Subprocess 

• Modify Control 

• Create Control Specific Issue 

• Assign / add new controls to 

Subprocess 

• Perform Ad-Hoc Issue & 

Remediation Plan 

• Perform Risk Assessment 

/ Documentation review 

• Perform Roll-Forward 

Certification 

• Perform Test of 

Effectiveness 

Miscellaneous 

• Allow Referencing 

• Sign-Off 

Preparation 

Operational Tool Usage / ICS Cycle 


Guide Content 

1 Set up Master Data 

2 Assign User 

3 

Maintain local Data 

4 

Plan an Assessment 

5 

Perform an Assessment 

6 

Reporting 

7 Miscellaneous 


Section 1 – Set up Master Data 

Set up 

Master Data 

Assign User 

Maintain 

local Data 

Plan an 

Assessment 

Perform an 

Assessment 

Reporting 

1.1 Create Organization 

1.2 Create Central Process 

1.3 Create Central Subprocess 

1.4 Create Central Control 

1.5 Create Test Plan 

1.6 Assign Test Plan to Central Control 

1.7 Create Central Risk Category 

1.8 Create Central Risk Template 

1.9 Assign Subprocess to OrgUnit 

Note: Unless otherwise stated, whenever the masculine gender is used, both men and women are included. 


1.1 Create Organization 

Step by Step 

i 

You create and edit organizations 

as a step in documenting 

your compliance initiative. 

1. Tab: Master Data 

• “Organizations” 

• Quick Link: “Organizations” 

2. Set a date and click “Apply” 

• Select an unit to integrate the new 

organization 

• Click “Add” and create a new 

organization 

3. Provide details on organization 

• Following inputs are mandatory: 

• “Name”, 

• “Valid From” date & 

• “Valid To” date 

• Click save 

Visual Aid 

1 

2 

3 


1.2 Create Central Process 

Step by Step 


• “Activities and Processes” 

• Open “Business Processes” 

Visual Aid 

1 



process 

• Click “Create” to add a new central 

process 

3. Provide details: 






2 

3 


1.3 Create Central Subprocess 

Step by Step 


• “Activities and Processes” 


Visual Aid 

1 



subprocess 


subprocess 







2 

3 


1.4 Create Central Control 

Step by Step 



2. Create new central control 

• Set a date and click “Apply” 

• Select a subprocess to integrate 

the new control 


control. 




• “Valid From” date, 

• “Valid To” date, 

• “Trigger” has to be set on 

“Date”, 

• “To be Tested”, 

• If “To be Tested is “Yes”, 

add a Testplan*, 

• “Test Automation”, 

• “Control Automation” & 

• “Purpose” 

4. Add Regulation 

• Select Tab “Regulation” 

• Click “Add“ 

• Select correct regulation 

• Click “Ok” 


• A new central control has been 

created 

*Go to: AssignTestplan to Control 

Visual Aid 

1 2 

4 

3 


1.5 Create Testplan 

Step by Step 

1. Tab: Assessments 

• Open “Manual Test Plans” 

2. Create new Test Plan 

• Click “Create” to add a test plan 




• “Valid From” date, 

• “Valid To” date, 

• Click “Add” to add new test steps 

and fill in all needed details 

• To add more steps, just click “Add” 

again 

• Click “Save” 

• A new test plan has been created 

and can be assigned to a central 

control 

Visual Aid 

1 

2 

3 


1.6 Assign Test Plan to Central Control 

Step by Step 

i 

A manual test plan consists of a 

sequence of test steps (or 

procedures) performed during 

testing to determine that a control is 

operating effectively. A manual test plan 

may test either a manual or automated 

control. If the test method is noted as 

manual, a manual test plan will apply. 

1. Add Testplan 

• Open a central control 

• Open “Test Plan” List 

2. Select Test Plan ID 

• Enter a known “Test Plan ID” 

• “Test Plan Name” 

• “Description” 

• Or “Valid From” date to search a 

“Test Plan” 

• Select a valid “Test Plan Id” 


3. Alternative 

• Tab: Assessment 

• Open “Manual Test Plan 

• Select an already created control 

to assign 

• Click “Assign to” and select 

“Central Controls” 

• Select a control 

• Click Ok 

Visual Aid 

1 

2 

3 


1.7 Create Central Risk Category 

Step by Step 


• Open “Risk Catalog” 



risk category 

• Click “Create” and select “Risk 

category” 





• A new risk category has been 

created 

Visual Aid 

1 

2 

3 

2 


1.8 Create Central Risk Template 

Step by Step 


• Open “Risk Catalog” 


• Select a parent risk category to 

integrate the new risk template 


template” 





• A new risk template has been 

created 

Visual Aid 

1 

2 

3 


1.9 Assign Subprocess to OrgUnit 

Step by Step 


• Open “Organization” 

• Set a date and click “Apply” 

• Select a parent OrgUnit to assign a 

Subprocess 

• Click “Open” 

2. Click “Assign Subprocess” 

3. A new window will popup 

• Select correct subprocess and click 

“Next” 

• Allow local changes if necessary 

• Click “Submit” & “Finish” 

• Now a subprocess will be assigned 

to an orgunit 

Visual Aid 

1 

2 

3 

3 


Section 2 – Assign User 

Set up 

Master Data 

Assign User 

Maintain 

local Data 

Plan an 

Assessment 

Perform an 

Assessment 

Reporting 

2.1 Assign User to OrgUnit 

2.2 Assign User to Process /Subprocess /Control 

2.3 Use “Central Delegation” 


2.1 Assign User to OrgUnit 

Step by Step 

i 

You can use this function to 

assign users to roles for 

corporate and organization 

objects. You typically perform this task 

during initial setup, when organizations 

or roles (corporate or organization) are 

added, or when multiple users are 

assigned to roles. 

1. Tab: Access Management 

• Open “Organizations” 

2. Select “Corporate and 

Organizations” 

• Click next 

• Select a parent risk category to 

integrate the new risk template 


template” 

3. Select an organization 

• Move it with the single arrow in the 

middle to the selected window 

• Click next 

4. Select role to assign a user 

• Click on the button to open userlist 

• Select a user 

• Click “Ok“ 

• Click “Next“ and “Submit” 

Visual Aid 

1 

2 

4 

3 


2.2 Assign User to Process /Subprocess / 

Control 

Step by Step 

i 

You can use this function 

during initial setup to assign 

users to roles for local process 

objects. For example, when new 

process objects are added, when roles 

are added for process hierarchy levels, 

or when additional users are assigned 

to roles that can be assigned to 

multiple users. 



2. Select “Process, Subprocess and 

Control” and click “Next” 

3. Choose Process, Subprocess or 

Control 

4. Select your user in the pop-up list 

and click “Ok” 

Visual Aid 

1 

2 

4 

3 


2.3 Use Central Delegation 

Step by Step 

i 

You can authorize a user (the 

delegate) to perform the tasks 

and to exercise the access 

rights of another user (the delegator). 

You delegate access rights by creating 

a new delegation in which you 

designate one user as the delegator 

and another as the delegate. The 

delegator’s access rights and tasks 

become accessible to the delegate for 

the validity period that you specify. 


• Open “Central Delegation” 

2. Click “create” 



• “User” (Delegator) 

• “User” (Delegate) 

• “Start Date” and 

• “End Date” of delegation 

period 


• A new delegation has been created 

Visual Aid 

1 

2 

3 


Section 3 – Maintain local Data 

Set up 

Master Data 

Assign User 

Maintain 

local Data 

Plan an 

Assessment 

Perform an 

Assessment 

Reporting 

3.1 Modify OrgUnit 

3.2 Modify Process 

3.3 Modify Subprocess 

3.4 Modify Control 

3.5 Create Control Specific Issue 

3.6 Assign / add new controls to Subprocess 


3.1 Modify OrgUnit 

Step by Step 

1. Tab: My Home 

• “My Objects” 

• Quick Link: “My Processes” 

Visual Aid 

1 

2. Select Hierarchical View 

3. Select Organizational Unit 

• Identify Organizational Unit by 

column Type “ORGUNIT” 

• Select wanted Organizational unit 

and click “Open” 

4. Modify Org Unit information 

• Modify necessary information and 

click “Save” to commit changes 

2 

3 

4 


3.2 Modify Process 

Step by Step 




Visual Aid 

1 


3. Select Process 

• Identify Process by column Type 

“PROCESS” 

• Select wanted Process and click 

“Open” 

4. Modify Process information 



2 

3 

4 


3.3 Modify Subprocess 

Step by Step 




Visual Aid 

1 


3. Select Subprocess 

• Identify Subprocess by column 

Type “SUBPROCESS” 


“Open” 

4. Modify Subprocess information 



2 

3 

4 


3.4 Modify Control 

Step by Step 




Visual Aid 

1 


3. Select Control 

• Identify controls by column Type 

“CONTROL” 


“Open” 

4. Modify Control information 



2 

3 

4 


3.5 Create Control Specific Issue 

Step by Step 




Visual Aid 

1 


3. Select Control 

• Identify controls by column Type 

“CONTROL” 


“Open” 

2 

4. Select Issues tab 

• Create new issue by clicking 

“Create 

• Please refer to Slide 37 for detailed 

procedure on how to create an 

issue and remediation plan 

3 

4 


3.6 Assign / add new controls to Subprocess 

Step by Step 




Visual Aid 

1 


3. Select Subprocess 

• Identify Organizational Unit by 

column Type “Subprocess” 

• Select wanted Subprocess and click 

“Open” 

4. Add / Assign new controls 

• Click the controls tab 

• Click “Add” 

• If you want to create a new control 

select the first option 

 

• To add a control from the central 

Subprocess select the second 

option. With this option you can 

add all controls which are related 

to the central Subprocess but not 

added in the local one. 

2 

3 

4 

5. Save 


Section 4 – Plan an Assessment 

Set up 

Master Data 

Assign User 

Maintain 

local Data 

Plan an 

Assessment 

Perform an 

Assessment 

Reporting 

4.1 Create Ad-Hoc Issue 

4.2 Create Questions 

4.3 Create Surveys 

4.4 Plan Test of Effectiveness (ToE) 

4.5 Plan Roll-Forward Certification 

4.6 Plan Risk Assessment / Documentation Review 

4.7 Plan Control Evaluation Questionnaire 


4.1 Create Ad-Hoc Issue 

Step by Step 

1. Create an Ad-Hoc Issue: 

• Go to Tab My Home-> “Ad Hoc 

Tasks” -> “Issues” -> open 

• “Ad Hoc Issues” view will open -> 

click on “Create” button 

2. Maintain Issue Details: 

• Issue Details Tab 

• Following fields are mandatory: 

• “Issue Name” 

• “Description” 

• “Priority” 

• “Issue Date” 

• Following fields are optional: 

• “Object type” 

• “Object name” 

• “Owner” 

• “Source” 

• “Due Date” 

• Attachments and links Tab 

• Add document as 

attachment or link in 

SharePoint if needed 

3. Submit or Save issue 

• press “Submit” to finalize the issue 

• Issue will be saved 

• Issue owner will be 

informed via e-mail. 

• Click “Save draft” in order to 

add/modify some issue details later 

on. 

Visual Aid 

1 

2 

3 


4.2 Create Questions 

Step by Step 

i 

The Question Library lists the 

user-defined questions that you 

can use within your surveys. 


• Open “Survey Library” 

Visual Aid 

1 

2. Create Question 

• Click “Create” 



• “Category” 

• “Question” & 

• “Answer Type” 

• “Save” 

• Now you can select questions in 

your “Survey Library” 

2 

3 


4.3 Create Surveys 

Step by Step 

i 

A survey is a structured list of 

questions. Within GRC, surveys 

are used to obtain information 

about [..] the design or operational 

adequacy of controls. Surveys are used 

to carry out assessments of objects 

such as risks, activities, or policies, for 

example. These assessments are 

defined via plans in the Planner. 

Surveys are created and maintained in 

the Survey Library and sent via the 

workflow. 


• Open “Survey Library” 

2. Create Question 

• Click “Create” 



• “Category” & 

• “Title” 

• Active „Yes“ 

• Click „Add“ to add a “question” 

• Click “Ok” 

Visual Aid 

1 

2 3 

4 

4. Select a question 


• A new survey has been created 


4.4 Plan Test of Effectiveness (ToE) 

Step by Step 

1. Tab Assessments 

• Open “Planner” 

• Click “Create” to create a new 

assessment 



• “Plan Name”, 

• “Plan Activity”, select “Test 

Control Effectiveness” 

• “Period” 

• “Year” 

• “Start Date” 


• Click “Next” 

3. Select Regulation 


• “Regulation” 

• “Evaluation Results 

Sharing” 

• Select a regulation 

• Select if you want to share results 

with other regulations 

4. Select Organizations 

5. Select Subprocess (no screens.) 

6. Click “Finish” and “Activate 

Plan” 

Visual Aid 

1 

2 

3 

4 

6 


4.5 Plan Roll-Forward Certification 

Step by Step 




Assessment 




• “Plan Activity” select 

“Perform Roll-forward 

Certification”, 

• Select a survey 

• “Period”, 

• “Year”, 

• “Start Date” & 





• “Regulation” & 


Sharing” 

• Select a regulation or share 

4. Select “Organizations” 

5. Select “Subprocess” (no 

screens.) 


plan” 

Visual Aid 

1 

2 

3 

4 

6 


4.6 Plan Risk Assessment / Documentation 

Review 

Step by Step 




assessment 





Perform Risk Assessment / 

Documentation Review, 

• “Survey”, select 

“Documentation Review 

Questionaire”, 










Sharing” 



5. Select “Subprocess” (no screen) 


plan” 

Visual Aid 

1 

2 

3 

4 

6 


4.7 Plan Control Evaluation Questionnaire 

Step by Step 




Assessment 





“Perform Control 

Evaluation Questionnaire”, 

• Select a survey 










Sharing” 



5. Select “Subprocess” (no 

screens.) 


plan” 

Visual Aid 

1 

2 

3 

4 

6 


Section 5 – Perform an Assessment 

Set up 

Master Data 

Assign User 

Maintain 

local Data 

Plan an 

Assessment 

Perform an 

Assessment 

Reporting 

5.1 Perform Ad-Hoc Issue & Remediation Plan 

5.2 Perform Risk Assessment / Documentation review 

5.3 Perform Roll-Forward Certification 

5.4 Perform Test of Effectiveness 



(1/3) 

Step by Step 

1. Receive an issue task: 

• Get an email notification with 

following subject “An Issue has 

been logged” 

• Log-in to the System 

• Go to “My Home Tab” 

• Open “Work Inbox” link 

Visual Aid 

1 

2. Perform issue: 

• Select an issue from the list 


• Check issue content: “Description”, 

“Notes” and “Due Date” 

• If no remediation plan needed: 

• Perform issue 

• Leave a note 

• Close without plan 

3. Reassign the issue 

• If you were not the right recipient 

or additional task of another 

colleague is needed: 

• Leave a note 

• Reassign the issue 

• Choose another user -> 

“Ok” 

• Submit the issue 

2 

3 

 



(2/3) 

Step by Step 

4. Assign remediation plan: 

• Press button “Assign remediation 

plan” 

• Fill in following information: 

• “Plan name”, 

• “Start Date” and “Due 

Date”, 

• Person responsible 

“Owner” & 

• Plan “Description” 

• Press “Ok” 

Visual Aid 

4 

5. Submit remediation plan: 

• Press “Submit” to forward the 

remediation plan task to person 

responsible 

5 

 



(3/3) 

Step by Step 

6. Start remediation plan task: 

• “My Home” -> “Work Inbox” 

• Open work item by clicking on its 

subject. 

Visual Aid 

6 

• Update Remediation Progress: 

• Maintain completion progress 

• Leave comments if needed 

• Press “Submit” to save progress 

• Press “Assign Next Processer” in 

order to forward the remediation 

plan to another responsible user. 

7. Complete Remediation Plan 

• press “Complete” to finalize 

remediation plan activities 

• If completion progress was not set 

to 100% you will be asked to 

update it. 

• Press “Submit”, to save results 

• Issue status will be set to “closed” 

7 


5.2 Perform Risk Assessment /Documentation 

review (1/2) 

Step by Step 

1. Receive to-do in “Work Inbox”: 

• log-in to the system 

• go to “My Home Tab” 

• Open “Work Inbox” link 

2. Open Risk Assessment / 


• Open a subject from the list 

• “Status” has to be “Ready” 

3. Perform Risk Assessment / 


• Evaluate each step by answering 

all questions. 

• Leave a comment in case of failure 

• Set “Rating” to “Appropriate” or 

“Inappropriate” 

• Optional add “Comments” 

• Click Submit to finish “Risk 

Assessment / Documentation 

Review” 

Visual Aid 

1 

2 

3 

 


5.2 Perform Risk Assessment /Documentation 

review (2/2) 

Step by Step 

4. Report Issue: 

• Click on the “Report Issue” button 

• Enter “Issue Name” 

• Set a Priority: “high”, “medium” or 

“low” 

• Choose an “Owner” 

• Describe the issue 

• Describe possible “Compensating 

Controls” 

• Fill in “Potential Impact” 

• Submit the issue to the issue 

owner by clicking “OK” 

Visual Aid 

4 



(1/2) 

Step by Step 

1. Receive Assessment Email with 

attached PDF-File: 

• Log in to your email program 

• Open an email sent by GRPC with 

general object: “Perform Rollforward 

Certification for …“ 

• Open the attached PDF 

2. Perform evaluation: 

• Go to “Evaluation” Tab 

• Answer the question with “I certify” 

or “I don’t certify” 

3. Set a Rating (2 Options) 

• Option 1: Select 

“Inappropriate” if the 

answer above is “I don’t 

certify” and leave a 

comment. In this case 

please report an issue. 

 

• Option 2: Please select 

“Appropriate” if the answer 

above is “I certify” and 

send it back to the system 

by clicking “Submit” 

Visual Aid 

1 

2 

3 



(2/2) 

Step by Step 




• Set a Priority: “high”, “medium” 

or “low” 




Controls” 




Visual Aid 

4 

5. Submit Test Results 

• Click “Submit” button to send 

testing results back to the system 

5 


5.4 Perform Test of Effectiveness (1/4) 

Step by Step 

1. Receive Assessment Email with 

attached PDF-File: 

• Log into your email program 

• Open an email sent by GRPC with 

general object: “Perform manual 

Test of Control Effectiveness… “ 

Visual Aid 

1 

2. Perform Test Step evaluation: 

• Go to “General Tab” ->”Test Steps” 

• Evaluate each step by choosing 

“Pass” or “Fail” as a “Test Result”. 

• Leave a comment in case of failure 

2 

 



Step by Step 

3. Set overall test result: 

• Go to “General Tab” -> “Test 

Details” 

• Enter “Test Date” 

• Set overall “Test Result”. 

• If “Test Result” is “Fail” -> 

“Comment” is mandatory 

• Finally fill in the field “Test 

Performed” by choosing an 

appropriate answer 

Visual Aid 

3 

 



Step by Step 




• Set a Priority: “high”, “medium” or 

“low” 




Controls” 




Visual Aid 

4 

 



Step by Step 

5. Submit Test Results 

• Click “Submit” button to send 

testing results back to the system 

Visual Aid 

5 

• or 

6. Assign testing to the next Tester 

• Click “Assign to Next Tester” 

• Enter a “User Name” or chose one 

from the list by clicking “Find User” 

• Click “OK” to forward the testing 

6 


Section 6 – Reporting 

Set up 

Master Data 

Assign User 

Maintain 

local Data 

Plan an 

Assessment 

Perform an 

Assessment 

Reporting 

6.1 Planner Monitor 

6.2 Risk and Control Matrix 

6.3 Test Step Status 

6.4 Assessment Survey Details 

6.5 Report personalization 

6.6 Export report to Microsoft Excel 


6.1 Planner Monitor 

Step by Step 

i 

You can use the Planner Monitor 

to track and monitor the execution 

status of workflow, e-mail 

survey, and user-defined objects 

created by the planner within the 

application. 

Visual Aid 

1 

1. Tab: Assessment 

• Open “Planner Monitor” 

2. Displayed Data 

• In this report following data is 

displayed: 


• “Plan activity”, 

• “Organization”, 

• “Object”, 

• “Frequency”, 

• “Start Date”, 

• “Due Date”, 

• “Recipients” & 

• “Status” 

2 

• Status has three different values: 

1. „Error“, 

2. „Completed“ & 

3. „Overdue“ 

! 

If an error occurs , please 

contact your system 

administrator 


6.2 Risk & Control Matrix 

Step by Step 

1. Tab: Reports and Analytics 

• “Master Data Reports” 

• “Risk and Control Matrix” 

2. Following inputs are mandatory: 



• “Report structure” & 

• “Regulation” 

• All other inputs can be used as 

filter 

• Click “Go” to create the report 

Visual Aid 

1 

2 


6.3 Test Step Status 

Step by Step 


• “Assessment Reports” 

• Open “Test Step Status” 

report 




• “Report structure”, 

• “Regulation”, 

• “Rating”, 

• “One/All Evaluation” & 

• “Test Steps” 


filter 

• Click “Go” to create the Report 

Visual Aid 

1 

2 


6.4 Assessment Survey Details 

Step by Step 


• “Assessment Reports” 

• Open “Assessment Survey 

Details” report 




• “Report structure”, 


• “Rating” 


filter 

• Click “Go” to create the Report 

Visual Aid 

1 

2 


6.5 Report personalization (1/4) 

Step by Step 

1. Personalized Selection 

• Go to the link “Selection” -> right 

mouse click 

• Maintain relevant selection fields to 

get required data set in the report 

! 

If you would like to launch the 

same report with the same 

selection criteria on a regular 

basis, you can save your settings in a 

selection variant: 

1 

Visual Aid 

• Press button “Save variant” 

• Enter variant name 

• Click ok 

 



Step by Step 

2. Ad-Hoc Sort and Filter per column: 

• Left mouse click on column header 

to get context menu 

• Choose preferred sort function: 

• “Sort in Ascending Order” 

• “Sort in Descending Order” 

• Choose preferred filter function: 

• “All values” 

• “One of the values 

available” 

• “User-defined filter” 

Visual Aid 

2 

3. Reset Ad-Hoc Filter 

• Left mouse click on column header 

• Choose “All” 

3 

 



Step by Step 

4. Sort and Filter Using Settings 

dialogue 

• “Tab Sort” -> add required 

columns -> maintain sorting 

settings for each column 

• Click “Apply” to see the 

immediately result 

• Click “Reset” to reset 

settings made previously 

• Click “Ok” to save the 

results 

4 

Visual Aid 

• “Tab Filter” -> add required 

columns -> Set filter value for 

each column 

• Click “Apply” to see 

immediately result 

• Click “Reset” to remove all 

filter settings made 

• Click “Ok” to save the 

results 

 



Step by Step 

5. Personalize Report 

• Go to “Personalize” link placed left 

over the report name 

• Right mouse click on the link to get 

to the menu 

• Choose “Personalize Fields” to 

add additional fields from available 

or to remove fields selected in the 

current view 

• Click “Save” to keep 

settings 

• Click “Reset 

Personalization” to undone 

settings made 

• Click “Cancel” to go back to 

the report without saving 

any changes 

• Choose “Report Personalization” 

to set settings like output format 

(tabular or hierarchical), 

aggregation logic (average of all 

ratings, worst rating), include 

assessments… 

• Choose “Personalize General 

Reporting Setting” for example 

to change report length (columns) 

• Choose “Print Setting” to change 

print settings 

5 

Visual Aid 


6.6 Export report to Microsoft Excel 

Step by Step 

1. Press “Print or Export” button 

under the name of current report 

2. Left mouse-click on “Export” 

button 

• Choose “Export to Microsoft Excel” 

3. Confirm, 

• that you want to open or save the 

report as an excel file by clicking 

on “Open” or “Save” button 

4. Report will open in Microsoft 

Excel 

1 

2 

3 

Visual Aid 

4 


Section 7 – Miscellaneous 

7.1 Allow Referencing 

7.2 Sign-Off 


7.1 Allow Referencing (1/2) 

Step by Step 

i 

Any given control in a sub 

process may satisfy 

control objectives and mitigate 

risks in other subprocess, process and / 

or organization. 

These controls will be referred to as 

“Referenced” controls. 

A given organization may reference this 

control that resides in another 

subprocess, process and / or 

organization to mitigate its own 

associated risk. 

At the time a control is set up a 

decision is made to allow referencing, 

by selecting "allow referencing" 


• “Organizations” 


2. Select an OrgUnit 

• Open “Subprocess” 

3. Referenced Control 

• Open “Control” 

• Activate checkbox “Allow 

Referencing” 

• Click “Save” 

Visual Aid 

1 

2 

3 

 


7.1 Allow Referencing (2/2) 

Step by Step 

! 

Choosen subprocess needs same 

risk as the original subprocess 

Visual Aid 

5 


• Organizations 


6. Select an OrgUnit and click open 

7. Open Tab Subprocess 

• Select a subprocess 


8. Open Tab Risks 

• Select a risk 

• Click “Assign Control” 

• Referenced control is available to 

select 

• Select referenced control 

• Click “Ok”, “Save” & “Save” 

6 

7 

8 


7.2 Sign-Off 

Step by Step 

! 

Visual Aid 

Sign-Off: 

Tool provides functionality, 

but currently not used. 

!

FACET_TM_SAP_GRC_PC_UserGuide_V006

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?