Security and Compliance Software

The request was partially successful.

Dear Medical Research Council,

Can you confirm the SAP ERP version you are currently using?

Who provides your SAP Security, Authorisations and Role Design support?

Can you please confirm if you currently use SAP Access Control?

If you do use Access Control, what version is installed (options are v5.3, v10.0, v10.1 or v12.0)?

Do you have a support contract with an external provider to support SAP Access Control install?

Can you please confirm if you currently use SAP Process Control?

If you do use Process Control, what version is installed (options are v5.3, v10.0, v10.1 or v12.0)?

Do you have a support contract with an external provider to support SAP Process Control install?

Can you please confirm if you currently use SAP Risk Management?

If you do use Risk Management, what version is installed (options are v5.3, v10.0, v10.1 or v12.0)?

Do you have a support contract with an external provider to support SAP Risk Management install?

Can you confirm if you currently have any other SAP GRC software installed?

List of SAP GRC software includes, but not exclusive to:
i. Business Integrity Screening
ii. Single Sign-On
iii. Identity Management
iv. Audit Management
v. UI Masking
vi. UI Logging
vii. Read Access Logging
viii. BusinessObjects Access Control
ix. Versa GRC

If you do not have any SAP GRC installed/utilised, are there any plans to purchase and install the GRC software?

If you have implemented any of the aforementioned software and have a support contract what is the renewal date of that contract?

Where is your SAP infrastructure located and in what format?

When is the contract for third party support of your SAP infrastructure due for renewal?

Where do you advertise any SAP related procurement opportunities?

Yours faithfully,

Thomas

UKRI FOI Requests, Medical Research Council

Dear Thomas,

Ref: UKRI 2018/0200 M

Thank you for your information access request.

It will be passed to the appropriate UK Research and Innovation (UKRI) team to provide a response. The response will be provided in line with the relevant information access regime by the 10/12/2018.

Regards,

UKRI Information Governance
[email address]

UKRI is the legal entity for complying with UK Information Access Regimes (Data Protection Act (1998)/General Data Protection Regulation (2018), Environmental Information Regulations (2004), Freedom of Information Act (2000).

From 1st April 2018 the seven UK Research Councils (AHRC, BBSRC, EPSRC, ESRC, MRC, NERC and STFC) Innovate UK and Research England became part of UK Research and Innovation, a non-departmental public body funded by a grant-in-aid from the UK Government. For more information please visit www.ukri.org

show quoted sections

UKRI FOI Requests, Medical Research Council

1 Attachment

Dear Thomas

Please find attached our response to your Freedom of Information request,
our reference UKRI 2018/0200 M.

 

 

Kind regards

 

 

UKRI Information Governance
[1][email address]

 

 

 

This email and any attachments are intended solely for the use of the
named recipients. If you are not the intended recipient you must not use,
disclose, copy or distribute this email or any of its attachments and
should notify the sender immediately and delete this email from your
system. UK Research and Innovation (UKRI) has taken every reasonable
precaution to minimise risk of this email or any attachments containing
viruses or malware but the recipient should carry out its own virus and
malware checks before opening the attachments. UKRI does not accept any
liability for any losses or damages which the recipient may sustain due to
presence of any viruses. Opinions, conclusions or other information in
this message and attachments that are not related directly to UKRI
business are solely those of the author and do not represent the views of
UKRI.

References

Visible links
1. mailto:[email address]