- SAP Community
- Products and Technology
- Additional Q&A
- Different SOD results between R/3 and GRC
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Different SOD results between R/3 and GRC
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 03-29-2010 5:45 PM
Hello Experts - we are currently upgrading from CC 4.0 to GRC 5.3. We have some users and some roles that do not have SOD's in R/3, but do have SOD's when checked in GRC. Risk anaylsis in both systems is set to Permissionan level, Global rule set, Exclude Locked/Expired/Mitigated Risks. Not sure what else to check to explain the discrepency between the two systems. Does anyone have any suggestions? Thank you very much for your time.
Accepted Solutions (0)
Answers (1)
Answers (1)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Kelsi,
This means that the rulesets are different for CC 4.0 (ABAP version) and GRC RAR (Jave version). Check the rule architect tab of CC 4.0 and RAR 5.3 to compare. You can download the CC 4.0 ruleset and upload it to RAR 5.3 to see if this produces same results or not.
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Thank you Alpesh. We tried this suggestion and we are still getting different results in GRC. I think it might be because of the report type I am using (which is Permission Level). In Compliance Calibrator 4.0 we have it set to SA, which i believe is the same as Permission Level. I've researched what the correct report type is and I've found many different answers. I need GRC to be able to take the persmissions into account when running risk analysis, not just the transaction codes. When it looks at the transaction codes only, it returns false positive results as many of the transactions are view only. In your respected opinion, what is the best report type to get us the results we were seeing in Compliance Calibrator 4.0? Thank you so much for your time!!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Latest Updates to the Reimagined Applicant Management Tool in SAP SuccessFactors Recruiting in Human Capital Management Blogs by SAP
- Start page of SAP Signavio Process Insights, discovery edition, the 4 pillars and documentation in Technology Blogs by SAP
- Cannot generate a PDF after latest Microsoft Office update in Human Capital Management Q&A
- Preferred Alternative UoM for Warehouse Operation in EWM in Supply Chain Management Blogs by Members
- How to use Digital Manufacturing MDOs within PPD Example: Where-Used Report with Follow-up Actions in Product Lifecycle Management Blogs by SAP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.