on 08-01-2011 8:02 PM
Hello together,
Requirement: Disable Rules in RAR 5.3
There is a particular Risk ID: F029, where it has the below Conflicting Actions to be Disabled in RAR 5.3
-
"Post Outgoing Payments (F-31) and Enter G/L Account Posting (F-02)
"Enter G/L Account Posting (F-02) and Post with Clearing (FB05)
"Post Outgoing Payments (F-31) and Post Document (FB01)
"Post with Clearing (FB05) and Post Document (FB01)
"Post Outgoing Payments (F-31) and Post with Clearing (FB05)
"Post with Clearing (FB05) and Post with Clearing (FB05)
"Post Outgoing Payments (F-31) and Reverse Document (FB08)
"Reverse Document (FB08) and Post with Clearing (FB05)
"Post Outgoing Payments (F-31) and Post Document (FBR2)
"Post with Clearing (FB05) and Post Document (FBR2)
"Post Outgoing Payments (F-31) and Reverse Cross-Company Code Document (FBU8)
"Post with Clearing (FB05) and Reverse Cross-Company Code Document (FBU8)
"Post Outgoing Payments (F-31) and Post Parked Document (FBV0)
"Post Parked Document (FBV0) and Post with Clearing (FB05)
-
When checked the relevant functions underneath the listed Actions, they contain in the Function (AR01 & GL01)
I have listed out the common Actions and listed out the functions:
Risk ID Actions Function ID
F029 F31 AR01
F029 F02 GL01
F029 FB01 GL01
F029 FB05 GL01 & AR01
F029 FB08 GL01
F029 FBR2 GL01
F029 FBU8 GL01
F029 FBV0 GL01
Preformed the below steps to disable the Actions:
Rule Architect-> Functions-> Search-> Function ID-> E.g. AR01-> Search-> Change-> F-31-> Disabled.
*Issues*:
When Disabled the Action F-31, noticed that all other risks (apart from the given list above ) were also being disabled and got escalated. As Action F-31 was in conflict with other Actions and functions.
Inputs Required:
Therefore could anyone suggest in how to disable only the listed combination of Actions from RAR. As when checked through my analysis there is no option to Individually disable the Rule IDs.
Do I have to create and build the complete Rule Sets again, can anyone suggest me the next steps in what needs to be done, for these actions to be disabled.
Thank you
Regards
Sridhar
Dear Sridhar,
We also faced the same issue. It is difficult to disable the rule id as we can only disable the action or risk and it will remove the remaining the conflicts also.
As a work around we identified the Rule ID of these conflicts eg., FB02 Vs FB02 - Rule id : F02827401 and assigned a False positive mitigation control to these IDs. When ever conflicts will be thrown for users or roles , this mitigation control will be assigned to these Rule ids.
This will be difficult during maintenance but we found it is a better solution than redesigning the entire rule set.
Thanks and Best Regards,
Srihari.K
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Srihari,
Thank you very much for your inputs towards creating Mitigating the Rule ID's.
Even I am finding it difficult in redesigning the entire rule sets.
I tried to create mitigation ID in Dev, but I didn't find an option to only restrict the Rule ID: e.g. F02906J01. There was only option to insert the Risk ID: F029, which would again mitigate the complete risks.
Could you please guide me through the steps on how to create mitigation Id only for the Rule ID: F02906J01.
Thank you
Regards
Sridhar
Hello Srihari,
Thanks again for your valuable time and Inputs, but again when I try to mitigate the Rule ID, I am not able to find an option to only restrict the Rule ID, as when choosed the Rule ID F0296j001, it gives the option of the complete Risk ID (F029)
Can you please provide me your email Id, so that I can send you the screen shots of the error message.
As this site does not support to prefix screenshots and the only option is to send you and email with the screen shots, on what I am performing.
Thank you
Regards
Sridhar
Sridhar,
In the mitigation control definition, if you search for the risk using the in field selections, it will probably only give you down to the risk level. However, if you know the rule id itself, then you can manually enter it into the field to mitigate specifically at the permission rule level.
I must admit that whenever I have wanted to remove the check for a specific action / function, I have always amended the ruleset accordingly.
I tend to advocate management of the rulesets via upload so it is a case of manipulating the contents outside the system and then uploading it again with the functions defined appropriately.
Simon
Hello Simon and Sri Hari,
Regret for the delay in reply and I am very thankful for your suggestions.
I have manually added the Rule Ids under the newly created Mitigating Ids. I followed the below steps:
1) Mitigation-> Created Mitigating Id (SMFI0004) and under Associated Risks I have manually inserted the Rule Ids (e.g. F0290KA01)
2) - Clicked on Mitigate Users and Provided the associated Users ID : SP209
- In the Risk ID: I directly inserted the Rule ID: F0290KA01 and assigned the monitor IDs accordingly and saved the data to show up a false positive Mitigating report.
Issue:
Once I have assigned all the users by mapping the Rule Ids towards the mitigating Ids, I extracted the report: Informer Tab-> Risk Analysis-> User Level and choosed to Exclude the Mitigated Risks.
The issue is, In the extracted report I can still VIEW the mitigated users list and the clients are questioning as to why these users are still showing when its been assigned to a false positive mitigating Ids.
Request you to kindly provide your inputs and thoughts on how to exclude these mitigated users from the reports.
Thank you
Regards
Sridhar
Hello Simon and Sri Hari,
Regret for the delay in reply and I am very thankful for your suggestions.
I have manually added the Rule Ids under the newly created Mitigating Ids. I followed the below steps:
1) Mitigation-> Created Mitigating Id (SMFI0004) and under Associated Risks I have manually inserted the Rule Ids (e.g. F0290KA01)
2) - Clicked on Mitigate Users and Provided the associated Users ID : SP209
- In the Risk ID: I directly inserted the Rule ID: F0290KA01 and assigned the monitor IDs accordingly and saved the data to show up a false positive Mitigating report.
Issue:
Once I have assigned all the users by mapping the Rule Ids towards the mitigating Ids, I extracted the report: Informer Tab-> Risk Analysis-> User Level and choosed to Exclude the Mitigated Risks.
The issue is, In the extracted report I can still VIEW the mitigated users list and the clients are questioning as to why these users are still showing when its been assigned to a false positive mitigating Ids.
Request you to kindly provide your inputs and thoughts on how to exclude these mitigated users from the reports.
Thank you
Regards
Sridhar
Hello Simon and Sri Hari,
Regret for the delay in reply and I am very thankful for your suggestions.
I have manually added the Rule Ids under the newly created Mitigating Ids. I followed the below steps:
1) Mitigation-> Created Mitigating Id (SMFI0004) and under Associated Risks I have manually inserted the Rule Ids (e.g. F0290KA01)
2) - Clicked on Mitigate Users and Provided the associated Users ID : SP209
- In the Risk ID: I directly inserted the Rule ID: F0290KA01 and assigned the monitor IDs accordingly and saved the data to show up a false positive Mitigating report.
Issue:
Once I have assigned all the users by mapping the Rule Ids towards the mitigating Ids, I extracted the report: Informer Tab-> Risk Analysis-> User Level and choosed to Exclude the Mitigated Risks.
The issue is, In the extracted report I can still VIEW the mitigated users list and the clients are questioning as to why these users are still showing when its been assigned to a false positive mitigating Ids.
Request you to kindly provide your inputs and thoughts on how to exclude these mitigated users from the reports.
Thank you
Regards
Sridhar
Hello All,
I am looking after an issue where client wants the permanent solution where the rule IDS are falsely mitigated before.I am thinking in one way that if I can remove the conflicting transaction from a rule,then we can get a permant solution. Could you please provide any detailed guideline for the issue???
Hi Sridhar,
As you mentioned the below steps you followed are:
1) Mitigation-> Created Mitigating Id (SMFI0004) and under Associated Risks I have manually inserted the Rule Ids (e.g. F0290KA01)
Suggestion: Instead of putting rule Id in associated risk field put the Risk Id as 'F029*' not the complete Rule ID.
2) - Clicked on Mitigate Users and Provided the associated Users ID : SP209
- In the Risk ID: I directly inserted the Rule ID: F0290KA01 and assigned the monitor IDs accordingly and saved the data to show up a false positive Mitigating report.
This step seems fine, in the Risk ID field just copy the Rule ID.
Hopefully it will resolve your issue.
Regards,
Praveen Kumar
User | Count |
---|---|
89 | |
7 | |
6 | |
3 | |
3 | |
3 | |
3 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.