Hi Sriram
We did setup the critical Role/Profile functionality to monitor who has access to critical profiles like SAP_ALL in all the target systems connected to our GRC. The job is scheduled on a daily basis and the Compliance team would monitor the results as part of continuous monitoring.
Also like one of the other member already mentioned, a rule can be written in the PC to monitor it.
Regards
Sarada