on 07-28-2011 8:37 PM
Hello ,
We are upgrading our system from VIRSA 4.0 to GRC 5.3.We were doing our UAT testing and found some peculiar scenario.We would just like to know if this is a known issue with the old system or the change in logic.
When performing Risk Analysis using CC 4.0 by using Report Type :SOD at Auth object level and checking the option "Risks from Simulation only " for a role we get the Risks but when we do the same in RAR 5.3 using Report Type :permission level and type:role and select "Risks from Simulation Only" as yes it doesn't give any risks but when we select it is as No it gives exactly same risks as in the CC 4.0.Can you please let us know as to why this discrepancy.We have the exact same rules and risks,mitigation controls migrated over to the new system and also the user has same access across 2 systems.We are on SP15 for GRC RAR.
Thanks
Uday
Edited by: uday madireddy on Jul 28, 2011 9:37 PM
Hi Uday,
CC 4.0 by using Report Type :SOD at Auth object level and checking the option "Risks from Simulation only " for a role we get the Risks but when we do the same in RAR 5.3 using Report Type :permission level and type:role and select "Risks from Simulation Only" as yes it doesn't give any risks but when we select it is as No it gives exactly same risks as in the CC 4.0
I don't see any issue here. When you select No, it displays all the existing risks, and Risks from simulation is Yes, it shows the risks from the simulation only.
Regards,
Raghu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I think the issue got confused over here.
When we run it in CC 4.0 and GRC 5.3 the results should be same right?
i.e.CC 4.0 by using Report Type :SOD at Auth object level and checking the option "Risks from Simulation only " for a role we get the Risks but when we do the same in RAR 5.3 using Report Type :permission level and type:role and select "Risks from Simulation Only" as yes it doesn't give any risks.
So why is this difference?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.