- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- How to config OrgRule for check of equality
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How to config OrgRule for check of equality
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2009 9:23 AM
Hello,
We use GRC Compliance Calibrator V5.2. Our RuleSet also contains Risks based on organization levels.
We have a SOD-Risk (R006) made up of two functions (YK06 and YK08):
Risk Function TCODE Auth.Object Field Value from Value to Condition Status
R006 YK06 F-42 S_TCODE TCD F-42 AND 0
R006 YK06 F-42 F_BKPF_BUK ACTVT 1 2 AND 0
R006 YK06 F-42 F_BKPF_BUK BUKRS $BUKRS AND 0
R006 YK08 F110 S_TCODE TCD F110 AND 0
R006 YK08 F110 F_REGU_BUK FBTCH 2 31 AND 0
R006 YK08 F110 F_REGU_BUK BUKRS $BUKRS AND 0 Risk R006 is only critical, if the two BUKRS in the definition are the same value.
A User with BUKRS = 1000 in F-42 / F_BKPF_BUK and with BUKRS = 1000, 2000 in F110 / F_REGU_BUK is critical.
A User with BUKRS = 1000 in F-42 / F_BKPF_BUK and with BUKRS = 2000 in F110 / F_REGU_BUK is not critical.
We feel that the following OrgRule-Definition does not cover the requirement:
OrgRule ID Risk Org Level Value From Value To Search Type
OR-BUKRS R006* BUKRS 1000 1000 AND
OR-BUKRS R006* BUKRS 1000 1000 AND
Our question:
How must the OrgRule for Risk R006 be defined in order to flag only Users with identical BUKRS as critical?
Thank you very much,
Jürgen Holtz
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2009 4:37 PM
Hi Jürgen,
I think it should be able to cover your scenario. Have you followed this document?
Have a look at this and try again.
Regards,
Alpesh
SAP Manager (PwC)
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2009 4:37 PM
Hi Jürgen,
I think it should be able to cover your scenario. Have you followed this document?
Have a look at this and try again.
Regards,
Alpesh
SAP Manager (PwC)
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2009 5:33 PM
Hello Mr Alpesh,
thank you for refering me to the Quick Reference Guide "Organizational Rules and Organizational Level Reportingu201D. I am aware of this document and have followed it.
However, it does not exactly address my problem as the document explains how to set up OrgRules that cover two different OrgLevels (eg. BUKRS and WERKS).
In my case, I have a single OrgLevel.
However, I have found out that a single-line OrgRule solves my issue.
It is the following OrgRule:
OrgRule ID Risk Org Level Value From Value To Search Type
OR-BUKRS R006* BUKRS 1000 1000 AND
Again, thank you for your input.
I close this posting as this question is now solved for me.
Best regards,
Jürgen Holtz
- SAP Managed Tags:
- Security
