GRC5.3 RAR - User Level risk analysis


We have ECC connected to GRC. Trying to do a user level risk analysis.

ECC Backend User Info:

User Name: SAP*

User Type:Service

Locked User

No roles assigned

Profiles: SAP_ALL and SAP_New is assigned

GRC5.3 RAR Risk analysis settings:

User Name:SAP*

System: ECC System

User Type:Service

Ignore: Locked and Expired users

Ignore Mitigated risks

Global Rule set

As per my understanding with the mentioned checks in GRC it should not show SAP* having any risks. But GRC is listing the risks present in all the users having their ID starts with SAP irrespective of their user type, thus treating " * " as a wild card.

N.B. In ECC Backend SAP* is the only service id starting with SAP.

Please help. Its becoming quite serious issue for us due to SOX audit which need to be addressed.

Helpful Answer