cancel
Showing results for 
Search instead for 
Did you mean: 

AC 5.3 Logical systems and multiple Physical systems

Former Member
0 Kudos

HI all:

We have set up a Logical System, and then have hooked up 2 Physical systems to it. Based on the documentation from SAP, the rule set (and the way we set it up) is at the Logical system level.

Physical system #1 is reporting the correct results, however, Physical system #2 results are not complete. My understanding is that both Physical systems should be drawing from the rule set based in the Logical system.

Results: Physical system #1 - correctly identifies 10 risks

Physical system #2 - incorrectly only identifies 5 of the expected 10 risks.

Role assignment to user is exactly same, authorizations are exactly the same. The User/Role/Profile Full Sync has been repeated as part of troubleshooting.

Has anyone experienced this? I'm looking for ideas/options on where to investigate why the results are different.

Thanks

Margaret

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

Hello Margaret,

Provided Role assignment to user is exactly same, authorizations are exactly the same. The User/Role/Profile Full Sync has been repeated as part of troubleshooting, the things that you can hunt for are the rulset and concerned entities like Risks and functions etc., like what Harleen has mentioned.

Also, please check if you have the same critical transactions defined for both. As a troubleshooting mechanism you can take out the list of risks which are not coming in one of the physical system and then evaluate which kind of Risk that is - critical transaction, conflicting transaction etc? Talking 4-5 of such non-similar risks as an example you can drill a bit more and this will surely throw some light which can guide where you missed config for one of the Physical systems.

Regards,

Hersh.

http://www.linkedin.com/in/hersh13

Former Member
0 Kudos

HI:

Thanks for answering!! I'm having trouble understanding the answers, sorry.

When you have a logical system...you upload the rules once to that system, and generate them. Then when you set up a physical system and hook it up to the logical system...the 1st, 2nd or 3rd physical system....they all use the same ruleset. The whole concept (as I understand) is that the use of Logical and Physical systems...and putting the rule set on the Logical system so you don't have to worry about one rule set taking precedence over another, is an advantage, if this is possible (ie: we don't have multiple rule sets).

Where should I be checking that the risks are defined properly? The rule set is the delivered one from SAP. The functions and risks match what we had (plus more) in the CC 4.0 system.

The first physical system we set up (example: Development) works fine, and all regular SoD risks are coming up as expected. When we added another system (example: Test)...the results of SoD analysis were incomplete.

Does that help clarify? Perhaps I'm just missing something?

Margaret

Edited by: Margaret Sokolov on Apr 28, 2009 4:34 PM

Former Member
0 Kudos

Margaret,

Using the concept of logical systems, you will have less database entries for the same ruleset. Usually, clients will have defined physical systems and then they combine it to create a logical system.

In your case, you created a logical system and added one physical system to it, then you generated rules for this logical system. Now, if you add one more physical system to the logical system, you have to generate rules again. Did you generate the rules or not? If yes then can you regenrate the rules and try?

Regards,

Alpesh

Former Member
0 Kudos

HI Alpesh:

Excellent!!! Re-generating the rules after the addition of an extra physical system worked. Now the results are consistent!!

Thank you very much. I will award points.

Margaret

Answers (1)

Answers (1)

hkaur
Advisor
Advisor
0 Kudos

Hello Margaret,

Have you defined the risks correctly, meaning have you defined the transactions as confilicting transactions in Physical System 2?

Please check the definition of risks and functions again.

Harleen

SAP GRC RIG