cancel
Showing results for 
Search instead for 
Did you mean: 

unable to Perform Risk Analysis in CUP for 4000 violations

Former Member
0 Kudos

Hi All,

We are unable to perform Risk analysis in our GRC PRD system for a CUP Request which is having around 4000 Violations.But we can able to perform Risk analysis for about 20000 violations in GRC DEV system as both the systems are in updated patch level 11.2.When we try to perform Risk analysis in CUP the following error occurs "*Risk analysis failed: EXCEPTION_FROM_THE_SERVICEViolations exceeds the threshold limit".*.Please help me to resolve this issue.

Regards,

Ramchand.

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
0 Kudos

Hi All!

Thanks for the lead on the fix for this one. Much appreciated!

We had this same issue this morning on our DEV SP11.2 Box during testing. I can verify that putting "0" in the CC Config field does not work even for 48 violations. I put a random high number "20000" instead and it works just fine.

-john

koehntopp
Product and Topic Expert
Product and Topic Expert
0 Kudos

Please go to RAR - Configuration - Risk Analysis - Performance Tuning

There you can set "Threshold Violation Limit for web service"

I would advise against that, however - why bother do risk analysis if you end up with that many violations? You're never going to be able to deal with them through remidiation or mitigation, anyway....

Frank.

Former Member
0 Kudos

Hi Frank,

We had already set the web service threshold violation limit to 0.("This sets threshold violation limit for the Risk Analysis web service. When the violation data count exceeds this limit, an error message appears. The default value is 1000; if set to 0 (zero) then there is no upper or lower limit.* ).Which is available in RAR.How ever as we had recently implemented GRC , It may take some time to go for remediation and mitigation process.

Is there any way to solve this error. Some times the we can able to perform risk analysis for the same request and most of the casaes we are unable to pertform the risk analysis.Please help us to solve the issue .

Regards,

Ram.

koehntopp
Product and Topic Expert
Product and Topic Expert
0 Kudos

My suggestion would be to create a workflow without risk analysis for now.

If you don't have the means to react to risks, why do you want to show them? Most likely, every single request will come up with risks, which is certainly not going to help acceptance for the system....

Frank.

Former Member
0 Kudos

Hi Frank,

As of now we are removing the roles access to the user which are having huge risks after performing risk analysis.So Risk analysis is mandatory for our process.Based in the requirement and criticality we are providing access to the user though the role consis to Huge violations.Kindly help me to solve the issue.

Regards,

Ram.