Access Control 5.3 - RAR
Help needed. I am a newbie with GRC.
I have executed the background jobs for RAR:
- roles/profiles/users sync
- batch risk analysis
- mgt rpt
all full sync and with * values
Once completed, the infor was updated in the informer tab under mgt view.
Question 1: What is puzzling me is, though i have setup the rule architect with critical roles and profiles (SAP* roles & S profiles) and under config tab to ignore critical roles and profiles (set to YES). Why is the mgt view->risk violations still showing me IDs assigned with SAP_ALL? This is definitely not a good place for top mgt to view the report since it is not reflecting the "accurate" situation of the system. Right?
Is risk analysis->user analysis, role analysis the "right" place for top mgt to view the reports then? Please advice.
When I change the background job parameters for Batch Risk Analysis with specific usergroup and specific role range, why it doesnt reflect in the mgt view->risk violations? it still show me all the users in the systems and not the range of users that i specified.