02-27-2009 7:07 AM
Dear All,
We have run the Permission level analysis in GRC 5.2 for the ROLES at permission level and
found that the tool is not reading the ORGANIZATION VALUES maintained
in the derived roles.
We had explored in the GRC tool & found that the field BUKRS,KOART,etc
are ENABLED in the RULES.While the CC tool is fetching value of other authorzation object.
Please Advice if there is any configuration settings required.
For your reference I am pasting the part of report.
Medium F_BKPF_KOA : Accounting Document: Authorization for Account Types ACTVT : Activity Create or generate
Medium F_BKPF_KOA : Accounting Document: Authorization for Account Types KOART : Account Type $KOART
Medium F_BKPF_BUK : Accounting Document: Authorization for Company Codes ACTVT : Activity Create or generate
Medium F_BKPF_BUK : Accounting Document: Authorization for Company Codes BUKRS : Company Code $BUKRS
Thanks,
Sandeep Bhatia
03-02-2009 4:32 PM
Hello Sandeep,
Doing Org Lvl Analysis is not so simple in RAR.
Firstly this is only user based.
For using it you will have to schedule one job in configuration which will update Org Values for users in the database table. I don't remember name of this Utility however it will be something Orguser, just search in Configuration tab.
As mentioned by you, org lvl are already enabled and make sure there values is $.......,
Reason being Org Rules will be generated at runtime and then anlysis will be done.
It will be better you take help of SAP on this. As they have document which will be very helpful to you.
Regards,
Surpreet
03-02-2009 4:51 PM
Please check out:
It is a reference guide to configure Org Level Reporting.
Ankur
SAP GRC RIG
03-03-2009 12:56 AM
Hi
You need to make the Consider Org rule Setting = Yes in CC configuration under additional settings.
Then you have to schedule the Batch Risk Analyis Jobs again .
Thanks
Jasmine