on 12-11-2008 3:08 AM
Hi Experts,
Help needed. I am a newbie with GRC.
I have executed the background jobs for RAR:
- roles/profiles/users sync
- batch risk analysis
- mgt rpt
all full sync and with * values
Once completed, the infor was updated in the informer tab under mgt view.
Question 1: What is puzzling me is, though i have setup the rule architect with critical roles and profiles (SAP* roles & S profiles) and under config tab to ignore critical roles and profiles (set to YES). Why is the mgt view->risk violations still showing me IDs assigned with SAP_ALL? This is definitely not a good place for top mgt to view the report since it is not reflecting the "accurate" situation of the system. Right?
Is risk analysis->user analysis, role analysis the "right" place for top mgt to view the reports then? Please advice.
Question 2:
When I change the background job parameters for Batch Risk Analysis with specific usergroup and specific role range, why it doesnt reflect in the mgt view->risk violations? it still show me all the users in the systems and not the range of users that i specified.
Thanks.
Hi Annie,
For your first question check this thread -
Question 2:
When I change the background job parameters for Batch Risk Analysis with specific usergroup and specific role range, why it doesnt reflect in the mgt view->risk violations? it still show me all the users in the systems and not the range of users that i specified.
As per my uderstanding mgt-risk violation will show you the results based upon the selected criteria in the view and not based upon the background job you selected. Once Full Batch Risk Analysis is done, the data is there in GRC database. After that it keeps syncing each time you run a new batch risk analysis and adds any new changes.
Showing in mgmt report is based upon what you select to see.
Regards,
Sabita
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.