cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AE 5.2 - Risk Analysis problem

Former Member

on ‎11-08-2010 11:04 AM

0 Kudos

Hello,

I am facing an issue with AE 5.2. When I create a request to assign roles and perform Risk Analysis, I get some SOD violations messages.

I copy the some assigned roles and paste them in CC 5.2 -> Informer -> Risk Analysis -> Role Level and I have no conflict!

Can you please advise why I have conflict with AE and not with CC?

Thank you very much indeed,

Cheers,

Abderrahim

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎11-08-2010 3:32 PM
0 Kudos

Hi,

Are you checking the SOD violations at both Critical Action, and Permission Level. Check both and see if the risks pop-up.

Else, it might be a false positive.

Regards,

Raghu

Edited by: Raghu Boddu on Nov 8, 2010 9:02 PM

Show replies
Show replies
Former Member
‎11-08-2010 3:55 PM
0 Kudos

Hi Raghu,

When I check the SOD violations at Permission Level, there is no conflict in CC. However there are some in AE.

When I check the SOD violations at Action Level, there are some conflicts in CC and a few in AE.

Thanks,

Cheers,

Abderrahim

Former Member
‎11-08-2010 4:25 PM
0 Kudos

Hi,

Which version of GRC are you on? Let me know the patch level too.

Rgds,

Raghu

Former Member
‎11-09-2010 7:59 AM
0 Kudos

Hi Raghu,

The versions are:

Access Enforcer: AE 5.2 SP11 Patch1 (Build-62316)

Compliance Calibrator: CC 5.2_10 Build ID: 03270808

Thank you,

Cheers,

Abderrahim

Former Member
‎11-10-2010 9:33 AM
0 Kudos

Hi,

Any update, please?

Thanks,

Regards,

Abderrahim

Former Member
‎11-10-2010 9:47 AM
0 Kudos

Hi,

It is just a False Positive. Consider upgrading to the next available SP.

Regards,

Raghu

Former Member
‎11-10-2010 9:51 AM
0 Kudos

Hi Raghu,

Thank your for your response.

As we have the following versions below:

AE 5.2 SP11 Patch1 (Build-62316)

CC 5.2_10 Build ID: 03270808

Which SP do you suggest to apply?

Thank you,

Abderrahim

Former Member
‎11-10-2010 10:05 AM
0 Kudos

Hi,

Please check at the marketplace to identify the appropriate update. You can find the list of fixes in every update, which you can refer before you implement.

Regards,

Raghu

Former Member
‎11-10-2010 8:50 PM
0 Kudos

Check to ensure that the risk analysis options, sometimes in the 'more' menu, are set the same for ignore mitigating controls or not.

Sounds like you have CC set to ignore mit. ctrl's.

Former Member
‎11-11-2010 3:34 PM
0 Kudos

Hi Ken,

In CC, the option 'Ignore Critical Roles & Profiles" is set to "Yes"

In AE, the option "Consider Mitigation Controls" is checked

Thank you,

Regards,

Abderrahim

Former Member
‎11-22-2010 10:41 AM
0 Kudos

Hello,

In fact, It was only a false positive issue because:

In CC I perform a risk analysis with Permission Level option.

However, I get risk violation in AE with Critical Transaction for the same role.

The right way is to run risk analysis in CC with Critical Actions.

Thank you for your collaboration.

Regards,

Abderrahim

Former Member
‎11-08-2010 2:07 PM
0 Kudos

Hi,

Sometime the problem I have is that there is an option of case sensitivity in RAR and I have to play around with it. Turn it off/on or manage it accordingly.

Thanks,

Chinmaya

Show replies
Show replies
Former Member
‎11-08-2010 2:25 PM
0 Kudos

Hi Chinmaya,

Many thanks for your response.

Where can I find enable/disable this option?

Thanks,

Cheers,

Abderrahim

Former Member
‎11-08-2010 3:09 PM
0 Kudos

Hi,

I currently do not have access to a GRC, so cant be sure, but I would say its in Additional Options. I have not used 5.2, but I think in 5.3 its under additional options.

Thanks,

Chinmaya

Ask a Question