SOD on Multi User and Multi Role

Former Member · ‎05-05-2010

Hi Experts,

We have a scenario. (I guess its pretty common one).

We have Master Role and Respective Derived Roles and these derived roles are maintained site/region specific and all generic things (applicable to all sites) are maintained in Master role and when we make any changes to master role (adding tcode or maintaining auth values to existing tcode or auth_obj) and the change implies to all derived roles.

My question is how to run a SOD with Multiple User (as derived roles are assigned to respective site users) and how to mitigate the same when in case this role is assigned to a user with multiple roles.

Any help is highly appreciated.

Thanks in advance.

Former Member · ‎05-05-2010

Hello,

If you have a list of the users who are having these roles (derived + master) assigned to them, then, you can run SoD analysis for them in RAR application. In RAR you can select multiple users & Multiple roles on which you wish to run SoD analysis respectively. The resulting analysis will show you Risks related to all the selected roles/users if there exist any.

Regards, Varun

Former Member · ‎05-05-2010

Varun,

Thanks for reply.

As of now we are only having CC 4.0 as a Virsa tool, no other modules of VIRSA has been implemented. Any other thoughts on this?

Thanks in Advance

Former Member · ‎05-05-2010

Hello,

Even in Version 4.0, you could run risk analysis on multiple users/roles via giving user/role range or selecting multiple users via value help available. This will give you result of risk analysis on all the users/roles selected.

Regards, Varun