- SAP Community
- Products and Technology
- Additional Q&A
- Clarification of Mitigating Alerts and Notificatio...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Clarification of Mitigating Alerts and Notifications
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 09-16-2008 4:30 PM
I am investigating mitigating controls in 5.2 and have a query regarding the difference between 'generate action log' and 'alert notifications'. In the configuration tab when maintaining background jobs for mit controls there are the above 2 options. None of the supporting documents clearly explain the difference between these. They're obviously both emails. I expect one advises that mitigating control is due to be executed (alert notificiation). That leaves 'generate action log' which seems to have something to do with capturing transactional data from R3. Can anybody clarify how these are used?
Many thanks in advance
Accepted Solutions (1)
Accepted Solutions (1)
koehntopp
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
"Generate action log" will go to the RTA on your ERP system, look into the STAD/STAT tables and analyse the transactions the users have run. If any one user has either executed a transaction from within a critical action risk or a combination of transactions from an SoD risk, the user name, date/time/terminal and transaction(s) will appear in the alert log.
Mitigating alerts check if a mitigation alert monitor has actually run the report that has been assigned in the control, in the defined period. He needs to have run that report at least once in order for this to work (so that CC can calculate the control period).
"Alert notifications" allows you to schedule a different time for when you want emails being sent to risk owners or control owners in case of a new alert. These emails will contain the information from the actual alert.
Frank.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Answers (3)
Answers (3)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi
Firstly thank you to Tavi, Frank and Hersh. I really appreciate your speedy responses and it has shone light on this topic for me.
I'd like to summarise to ensure I have clearly understood. The mitigating controls, users, controllers and approvers are maintained in the 'Mitigation' tab.
The alerts are emails and relate to the execution of the defined mitigating controls (reports). If the controls are not executed in defined period an alert will be sent to the monitor to remind them or alert them that this activity is to be performed. The Monitor is the person assigned to run these controls reports in specified period.
The notification logs read from R3 logs and will look specifically for mitigated users. It will check to see if they run a combination of the mitigated transactions e.g. create vendor, raise invoice. If this combination of transactions occur a log will generate with relevant details. My question here is 'are notification logs sent my e mail and who is person to receive them, is it the monitor?' If not, where are they to be found. Is this a resource hungry activity and is it recommended.
Is the Monitor the only role relating to above.
Thanks so much in advance.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hello Grainne,
Agreeing to what Frank and Tavi have suggested, you may use these reports and notifications independently for each of the three tasks mentioned in the tab. This decision would primarily be based on the frequency of each of the three happening in your implementation.
E.g you may have "Critical action alerts" generated and notified every hour if they are important from your business point of view, while you may have "Mitigation" running every day if they are less in number and not that critical. Also, there might be a scenerio where you do not want to send Emails for all the three, for which you can make a selection independently.
Regards,
Hersh.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi,
Alert log is generated whenever you execute any of the critical transactions maintained in Critical Transaction link under Rule Architect. Regarding "generate log" that will be generate whenever you will schedule a backgournd job for "alerts" and you can check the result in "Alert" tab for give transaction. To make alert work for you, you should have a file located at application server directry and give the path of that file in Congfig -> miscelaneous->alert log file name & location. If you have this file physically located and that path is meritioned here, you are done with your alert config. And if you select "Alert notification"
while scheduling the job it will send the notification (email) also apart from above mentioned things.
Thanks,
Tavi
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- How to design sales prices in SAP S/4HANA and be ready for future innovations in Enterprise Resource Planning Blogs by SAP
- How to design sales prices in SAP S/4HANA and be ready for future innovations in Enterprise Resource Planning Blogs by SAP
- Environment, Health and Safety in SAP S/4HANA Cloud Public Edition 2402 in Enterprise Resource Planning Blogs by SAP
- SAP S/4HANA Cloud Private Edition | 2023 FPS01 Release – Part 2 in Enterprise Resource Planning Blogs by SAP
- Deletion of Master and Transactional Data (ILM) in SAP S/4HANA Cloud,Public Edition-Link Collection in Enterprise Resource Planning Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.