Hi All,
A brief information about migration of rule sets.
The AC 5.3 rule set is perfect to use for the GRC 10 system. This is loaded using import rule set.
No performance issues with this rule set from AC 5.3 in the GRC 10 system.
Consider this:
• Access Risk Management (ARA) comes delivered with SAP’s best practice standard delivered Rule Set (used as a starting point for new implementations). The Rule Set is delivered in BCSETS and loaded using transaction SCPR20.
• For those who already have implemented Risk Analysis and Remediation (RAR) (such as previous version 5.3) should have a customized Rule Set to meet the business requirements. Rather then activate the new Rule Set delivered by SAP in the BCSETS in GRC 10 it is best to consider importing the customized Rule Set into GRC 10 using the SPRO Rule Set import function.
• It is a good idea to evaluate the changes incorporated into the most recent SAP Rule Set to determine if the changes should be added to custom Rule Set. Any modifications desired can be manually made using the Rule Architect feature of access risk management.
• Administrators may decide it is easier to implement this new rule set (which will overwrite existing custom Rule Set) and just make the customization changes again to the newly imported default Rule Set. This works best when minimal changes to the default Rule Set have been made.
Hope this will be helpful 