Dear Arvind,

You can definitely restrict Risk Terminator to check against critical transactions, but only by creating a new rule set specifically for critical transactions( Say CR1) . This will be apart from your regular rule set ( Say RS1).

In CC configuration, we can define various rule sets and we have to specify the default rule set against which risk analysis is to be done. Whenever a risk analysis is done vide other sub components, it will check against default rule set only.

So, when you want to use Risk Terminator to check against critical transactions only, you have to change the default rule set to CR1. This will solve your problem.

BUT IT WILL NOT CHECK FOR OTHER RISKS DEFINED IN OTHER RULE SETS, IF OTHER TRANSACTIONS/REPORTS ARE EXCERCISED IN GRC.

YOU NEED TO CHANGE IT BACK TO YOUR BASIC/REGULAR RULE SET WHEN YOUR WORK IS OVER,

SO THAT IT WILL FUNCTION IN FULL AND CHECK AGAINST YOUR NORMAL RULE SET.

So for a short time you can change the rule set to CR1 and again have to change to basic/normal ( say RS1) once your special task is over.

BUT IT IS IMPORTANT TO NOTE THAT IF YOU DO NOT CHANGE YOUR RULE SET BACK, YOU WILL NOT GET PROPER RISK ANALYSIS FOR OTHER RULES DEFINED FOR NON-CRITICAL TRANSACTIONS.

Hope this answers your question.

Hi Arvind,

I think when you configure Risk Terminator, you will select the SoD rule set library from Compliance Calibrator and that will include all the rules (including Custom rules configured for your company needs).

Whenever you try to assign a transaction code/Auth Object to a role through PFCG or when you assign a role to a user through SU01, Risk terminator will check the SoD rules and then allow to do it or you may have to place an exception.

Regards,

Kiran Kandepalli.