Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

Number of risks / rules

Hello GRC guys,

I am very new to GRC and currently i am trying to set up a demo system.

After doing some basic steps in RAR, i soon found a good description for "configuration steps after installation".

And as soon as i found this guide a question arose:

referring to

Why do they have more than 170.000 violations, and we have NONE?? I followed the steps provided in RULE UPLOAD of config guide and found the new SP08 for delta upgrading rules.

Looking at "Rule Architect" -> Rule Library, Action Level, we have about 16.000 active rules.

Why do they so many more rules than we have?

Former Member replied

Hi Florion,

For ECC 6.0, upload R3* fileset.

please check the configuration parameter under Configuration > Risk Analysis > Additional Option-

"Consider Org. Rules when updating the Management reports and during Risk

Analysis Web Service Call ".

If this config parameter is set to YES this means that Organizational Rules are considered during Risk Analysis. If you do not have Organizational Rules set up in Rule Architect, Risk Analysis will display zero violations in the report. Change this option to NO if you do not have Organizational Rules set up.

Check SAP note - 1169541

After setting it, run again batch risk analysis job full sync.

I hope it will help.



0 View this answer in context

Helpful Answer

Not what you were looking for? View more on this topic or Ask a question